www.state-journal.com Open in urlscan Pro
192.104.183.109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d9...
Submission: On April 20 via manual (April 20th 2023, 6:53:23 am UTC) from RO — Scanned from GE

Summary HTTP 268 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 63 IPs in 10 countries across 64 domains to perform 268 HTTP transactions. The main IP is 192.104.183.109, located in United States and belongs to LEE-ASN, US. The main domain is www.state-journal.com. The Cisco Umbrella rank of the primary domain is 792199.
TLS certificate: Issued by GTS CA 1P5 on April 6th 2023. Valid for: 3 months.

This is the only time www.state-journal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	192.104.183.109 192.104.183.109	10668 (LEE-ASN) (LEE-ASN)
49	104.16.133.24 104.16.133.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.23.106 172.217.23.106	15169 (GOOGLE) (GOOGLE)
2	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
4	172.217.18.100 172.217.18.100	15169 (GOOGLE) (GOOGLE)
4	151.101.130.182 151.101.130.182	54113 (FASTLY) (FASTLY)
6	18.66.147.119 18.66.147.119	16509 (AMAZON-02) (AMAZON-02)
10	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
15	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
4	142.250.185.232 142.250.185.232	15169 (GOOGLE) (GOOGLE)
4	52.214.4.83 52.214.4.83	16509 (AMAZON-02) (AMAZON-02)
4	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
9	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
1	52.222.247.205 52.222.247.205	16509 (AMAZON-02) (AMAZON-02)
2	54.205.66.186 54.205.66.186	14618 (AMAZON-AES) (AMAZON-AES)
2	104.22.53.86 104.22.53.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
9	52.51.99.213 52.51.99.213	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
1	52.208.190.244 52.208.190.244	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
2 12	52.94.223.37 52.94.223.37	16509 (AMAZON-02) (AMAZON-02)
2	108.177.15.155 108.177.15.155	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.16.85.20 104.16.85.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 10	142.250.185.193 142.250.185.193	15169 (GOOGLE) (GOOGLE)
1	52.31.6.231 52.31.6.231	16509 (AMAZON-02) (AMAZON-02)
3	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.193.51 35.244.193.51	15169 (GOOGLE) (GOOGLE)
5 6	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	54.154.41.234 54.154.41.234	16509 (AMAZON-02) (AMAZON-02)
3	52.46.151.131 52.46.151.131	() ()
4 4	64.74.236.159 64.74.236.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	143.244.49.180 143.244.49.180	60068 (CDN77 ^_^) (CDN77 ^_^)
1	54.170.101.76 54.170.101.76	16509 (AMAZON-02) (AMAZON-02)
4	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2 10	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3 3	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	89.207.16.204 89.207.16.204	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 3	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1 19	34.247.233.198 34.247.233.198	16509 (AMAZON-02) (AMAZON-02)
3 3	3.67.53.95 3.67.53.95	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
3 4	64.202.112.255 64.202.112.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	54.145.221.84 54.145.221.84	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.211.229.107 52.211.229.107	16509 (AMAZON-02) (AMAZON-02)
1 1	54.236.144.6 54.236.144.6	14618 (AMAZON-AES) (AMAZON-AES)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
1 1	104.111.217.14 104.111.217.14	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.210.55.139 52.210.55.139	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
7 12	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	124.146.215.49 124.146.215.49	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 1	80.77.87.163 80.77.87.163	46636 (NATCOWEB) (NATCOWEB)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	91.228.74.244 91.228.74.244	16509 (AMAZON-02) (AMAZON-02)
6 6	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
4 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	143.244.49.179 143.244.49.179	60068 (CDN77 ^_^) (CDN77 ^_^)
4 7	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	74.119.118.138 74.119.118.138	19750 (AS-CRITEO) (AS-CRITEO)
1	178.250.1.9 178.250.1.9	() ()
1	35.204.158.49 35.204.158.49	() ()
1	185.64.190.81 185.64.190.81	() ()
268	63

11 192.104.183.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

www.state-journal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f106.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.182 (United States)

ASN54113 (FASTLY, US)

core.spreedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.147.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-119.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.214.4.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-4-83.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ampcid.google.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.247.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-247-205.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.66.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-66-186.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.51.99.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com

yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.190.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-190-244.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

adservice.google.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

92d69d0db2d01ee9e86c7eedec615607.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.94.223.37 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.193 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.6.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-6-231.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.71.131.137 (United States) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.41.234 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-41-234.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.151.131 (None, )

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.74.236.159 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.244.49.180 (Los Angeles, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 143-244-49-180.bunnyinfra.net

survey.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.101.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-101-76.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.155 (France) 3 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.207.16.204 (Amsterdam, Netherlands) 2 redirects

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-nessy-float2.dotomi.com

amazon-tam-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.85 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 34.247.233.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.67.53.95 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-53-95.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.202.112.255 (Chicago, United States) 3 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.145.221.84 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-221-84.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.229.107 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-229-107.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.144.6 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-144-6.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.14 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.55.139 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-55-139.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.226 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.49 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.163 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.228.74.244 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.3.20 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.244.49.179 (Los Angeles, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 143-244-49-179.bunnyinfra.net

surveys-static.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.118.138 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (None, )

ASN- ()

widget.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (None, )

ASN- ()

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	townnews.com bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 26427	306 KB
25	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 8927 trends.revcontent.com — Cisco Umbrella Rank: 2610 Failed yeet.revcontent.com — Cisco Umbrella Rank: 9504 img.revcontent.com — Cisco Umbrella Rank: 13291 cdn.revcontent.com — Cisco Umbrella Rank: 10383 images.revcontent.com — Cisco Umbrella Rank: 10002	191 KB
24	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	180 KB
20	gumgum.com 1 redirects rtb.gumgum.com — Cisco Umbrella Rank: 2335 usersync.gumgum.com — Cisco Umbrella Rank: 2448	6 KB
19	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 361 aax.amazon-adsystem.com — Cisco Umbrella Rank: 455 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994 s.amazon-adsystem.com	71 KB
17	rubiconproject.com 9 redirects eus.rubiconproject.com — Cisco Umbrella Rank: 798 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1452 token.rubiconproject.com — Cisco Umbrella Rank: 795 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3036 pixel.rubiconproject.com — Cisco Umbrella Rank: 447	29 KB
13	googlesyndication.com 2 redirects 92d69d0db2d01ee9e86c7eedec615607.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177 pagead2.googlesyndication.com — Cisco Umbrella Rank: 129	2 MB
13	gstatic.com www.gstatic.com fonts.gstatic.com	568 KB
12	openx.net 3 redirects oajs.openx.net — Cisco Umbrella Rank: 3166 u.openx.net — Cisco Umbrella Rank: 974 us-u.openx.net — Cisco Umbrella Rank: 707 google-bidout-d.openx.net — Cisco Umbrella Rank: 3148 eu-u.openx.net — Cisco Umbrella Rank: 3173	3 KB
11	state-journal.com www.state-journal.com — Cisco Umbrella Rank: 792199	187 KB
10	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 725 image6.pubmatic.com — Cisco Umbrella Rank: 1037 simage2.pubmatic.com — Cisco Umbrella Rank: 976 image2.pubmatic.com — Cisco Umbrella Rank: 1377 Failed simage4.pubmatic.com	79 KB
7	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1550 ad.crwdcntrl.net — Cisco Umbrella Rank: 11952 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323 id.crwdcntrl.net — Cisco Umbrella Rank: 2256 sync.crwdcntrl.net — Cisco Umbrella Rank: 1149	25 KB
6	adform.net 6 redirects c1.adform.net — Cisco Umbrella Rank: 908	4 KB
6	adsrvr.org 5 redirects match.adsrvr.org — Cisco Umbrella Rank: 451	3 KB
6	segment.com cdn.segment.com — Cisco Umbrella Rank: 2324	64 KB
6	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2985	160 KB
6	google.com www.google.com — Cisco Umbrella Rank: 16 ampcid.google.com — Cisco Umbrella Rank: 2680 adservice.google.com — Cisco Umbrella Rank: 130	29 KB
5	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1319 id5-sync.com — Cisco Umbrella Rank: 612	37 KB
4	outbrain.com 3 redirects sync.outbrain.com — Cisco Umbrella Rank: 987	1 KB
4	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 813	2 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 442 dis.criteo.com — Cisco Umbrella Rank: 941 widget.eu.criteo.com	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	251 KB
4	spreedly.com core.spreedly.com — Cisco Umbrella Rank: 32169	195 KB
3	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1063	1006 B
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	1 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 319 secure.adnxs.com — Cisco Umbrella Rank: 604	3 KB
3	smartadserver.com 3 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052	803 B
3	survicate.com survey.survicate.com — Cisco Umbrella Rank: 7463 surveys-static.survicate.com — Cisco Umbrella Rank: 11496	94 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	146 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	20 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 682	701 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1020	643 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 744	1 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 812	647 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689	1 KB
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 6677	751 B
2	dotomi.com 2 redirects amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 8170	656 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 825	1 KB
2	google.ge ampcid.google.ge — Cisco Umbrella Rank: 403474 adservice.google.ge — Cisco Umbrella Rank: 48171	903 B
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019	460 B
1	simpli.fi um.simpli.fi	610 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 733	512 B
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 1531	660 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1266	831 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1939	191 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 866	817 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 842	684 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1528	44 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1318	465 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009	880 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 2272	672 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	4 KB
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1915	254 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3353	8 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293	408 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 143	101 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
0	audrte.com Failed a.audrte.com Failed
0	weborama.fr Failed cr.frontend.weborama.fr Failed
0	de17a.com Failed d5p.de17a.com Failed
0	casalemedia.com Failed ssum-sec.casalemedia.com Failed
0	technoratimedia.com Failed sync.technoratimedia.com Failed
0	rlcdn.com Failed api.rlcdn.com Failed
268	64

	Domain	Requested by
49	bloximages.newyork1.vip.townnews.com	www.state-journal.com tagan.adlightning.com
19	usersync.gumgum.com	1 redirects rtb.gumgum.com ads.pubmatic.com eus.rubiconproject.com
12	cm.g.doubleclick.net	7 redirects rtb.gumgum.com google-bidout-d.openx.net u.openx.net eus.rubiconproject.com
12	aax-eu.amazon-adsystem.com	2 redirects tagan.adlightning.com aax-eu.amazon-adsystem.com rtb.gumgum.com u.openx.net eus.rubiconproject.com
11	www.state-journal.com	www.state-journal.com bloximages.newyork1.vip.townnews.com
10	tpc.googlesyndication.com	2 redirects tagan.adlightning.com www.state-journal.com
10	securepubads.g.doubleclick.net	www.state-journal.com tagan.adlightning.com securepubads.g.doubleclick.net
9	images.revcontent.com	www.state-journal.com
9	fonts.gstatic.com	fonts.googleapis.com www.google.com
8	yeet.revcontent.com	assets.revcontent.com
6	pixel.rubiconproject.com	3 redirects eus.rubiconproject.com
6	c1.adform.net	6 redirects
6	match.adsrvr.org	5 redirects ads.pubmatic.com
6	cdn.segment.com	www.state-journal.com cdn.segment.com tagan.adlightning.com
6	tagan.adlightning.com	www.state-journal.com tagan.adlightning.com
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	us-u.openx.net	1 redirects google-bidout-d.openx.net u.openx.net
4	sync.outbrain.com	3 redirects rtb.gumgum.com
4	eus.rubiconproject.com	aax-eu.amazon-adsystem.com rtb.gumgum.com eus.rubiconproject.com
4	b1sync.zemanta.com	4 redirects
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.googletagmanager.com	www.state-journal.com www.googletagmanager.com
4	assets.revcontent.com	www.state-journal.com tagan.adlightning.com
4	core.spreedly.com	www.state-journal.com tagan.adlightning.com core.spreedly.com
4	www.google.com	www.state-journal.com tagan.adlightning.com www.google.com
3	simage2.pubmatic.com	ads.pubmatic.com
3	cms.quantserve.com	google-bidout-d.openx.net u.openx.net ads.pubmatic.com
3	x.bidswitch.net	3 redirects
3	ssbsync.smartadserver.com	3 redirects
3	s.amazon-adsystem.com	aax-eu.amazon-adsystem.com eus.rubiconproject.com
3	id5-sync.com	cdn.id5-sync.com ads.pubmatic.com
3	www.googletagservices.com	tagan.adlightning.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.state-journal.com
3	ads.pubmatic.com	tagan.adlightning.com rtb.gumgum.com ads.pubmatic.com
3	c.amazon-adsystem.com	www.state-journal.com c.amazon-adsystem.com
2	image2.pubmatic.com	ads.pubmatic.com
2	surveys-static.survicate.com	tagan.adlightning.com survey.survicate.com
2	pagead2.googlesyndication.com	tagan.adlightning.com
2	eu-u.openx.net	google-bidout-d.openx.net u.openx.net
2	creativecdn.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	sync.mathtag.com	2 redirects
2	ad.360yield.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	pool.admedo.com	2 redirects
2	ib.adnxs.com	2 redirects
2	amazon-tam-match.dotomi.com	2 redirects
2	u.openx.net	1 redirects aax-eu.amazon-adsystem.com
2	match.prod.bidr.io	2 redirects
2	oajs.openx.net	1 redirects www.state-journal.com
2	gum.criteo.com	ads.pubmatic.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	trends.revcontent.com	assets.revcontent.com
2	cdn.id5-sync.com	tagan.adlightning.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	ad.crwdcntrl.net	www.state-journal.com tagan.adlightning.com
2	tags.crwdcntrl.net	www.state-journal.com tagan.adlightning.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	widget.eu.criteo.com	ads.pubmatic.com
1	dis.criteo.com	1 redirects
1	px.ads.linkedin.com	eus.rubiconproject.com
1	pixel-eu.rubiconproject.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	google-bidout-d.openx.net	tagan.adlightning.com
1	secure-assets.rubiconproject.com	1 redirects
1	cs.admanmedia.com	1 redirects
1	tg.socdm.com	1 redirects
1	sync.adkernel.com	rtb.gumgum.com
1	bh.contextweb.com	1 redirects
1	stags.bluekai.com	1 redirects
1	match.deepintent.com	rtb.gumgum.com
1	sync.ipredictive.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	secure.adnxs.com	1 redirects
1	rtb.gumgum.com	aax-eu.amazon-adsystem.com
1	survey.survicate.com	cdn.segment.com
1	cs.media.net	1 redirects
1	cdnjs.cloudflare.com	bloximages.newyork1.vip.townnews.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	lexicon.33across.com	ads.pubmatic.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.jsdelivr.net	tagan.adlightning.com
1	oa.openxcdn.net	tagan.adlightning.com
1	cdn.revcontent.com	www.state-journal.com
1	92d69d0db2d01ee9e86c7eedec615607.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	tagan.adlightning.com
1	adservice.google.ge	tagan.adlightning.com
1	ampcid.google.ge	www.google-analytics.com
1	img.revcontent.com	www.state-journal.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	ampcid.google.com	www.google-analytics.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	lh3.googleusercontent.com	www.state-journal.com
1	fonts.googleapis.com	www.state-journal.com
0	a.audrte.com Failed	ads.pubmatic.com
0	cr.frontend.weborama.fr Failed	ads.pubmatic.com
0	d5p.de17a.com Failed	ads.pubmatic.com
0	ssum-sec.casalemedia.com Failed	rtb.gumgum.com
0	sync.technoratimedia.com Failed	rtb.gumgum.com
0	api.rlcdn.com Failed	ads.pubmatic.com
268	102

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
finditky.com
frankthemagazine.com
frankfortstatejournalcollegehoops.upickem.net
facebook.com
twitter.com
www.facebook.com
wa.me
famoid.com
techbullion.com
zacjohnson.com
www.bigstockphoto.com
viralyft.com
smeagol.revcontent.com
help.revcontent.com
www.revcontent.com
new.evvnt.com
smb.state-journal.com
bloxcms.com
bloxdigital.com

Subject Issuer	Validity	Valid
state-journal.com GTS CA 1P5	`2023-04-06` - `2023-07-05`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
core.spreedly.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-01-12` - `2024-02-13`	a year	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-07`	4 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
assets.revcontent.com R3	`2023-03-13` - `2023-06-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
revcontent.com Amazon RSA 2048 M01	`2023-02-14` - `2023-07-16`	5 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
img.revcontent.com R3	`2023-03-13` - `2023-06-11`	3 months	crt.sh
*.google.com.ge GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
cdn.revcontent.com R3	`2023-03-09` - `2023-06-07`	3 months	crt.sh
images.revcontent.com R3	`2023-03-06` - `2023-06-04`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-03-30` - `2023-06-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-04-13` - `2023-07-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.survicate.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-13` - `2023-10-14`	a year	crt.sh
gumgum.com Amazon RSA 2048 M01	`2023-02-14` - `2023-10-05`	8 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon RSA 2048 M02	`2023-02-08` - `2024-02-15`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Frame ID: 119D561A0E1897B3F0B9965CA8E55871
Requests: 154 HTTP requests in this frame

Frame: https://core.spreedly.com/v1/embedded/number-frame-1.104.html
Frame ID: 35BACC34C23451ECE0FE8F02221AB2C3
Requests: 2 HTTP requests in this frame

Frame: https://core.spreedly.com/v1/embedded/cvv-frame-1.104.html
Frame ID: 466733CBB6E1693831B401B8F252B1E0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdF3BEhAAAAAEQUmLciJe0QwaHESwQFc2vwCWqh&co=aHR0cHM6Ly93d3cuc3RhdGUtam91cm5hbC5jb206NDQz&hl=ka&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=b430t16yv83q
Frame ID: 5E78CB07C1153A6FE35C323E0CEA6887
Requests: 7 HTTP requests in this frame

Frame: https://92d69d0db2d01ee9e86c7eedec615607.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AE53255B0B01AC3DCFEEEF46E843F30E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&dcc=t
Frame ID: A0694EA77B493081B7CF761D4B9B2740
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js
Frame ID: 8F4531CBC335D6687B3090DFFD4C34A3
Requests: 6 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js
Frame ID: B5EFE697706F9BF1C65A9FF0186E571B
Requests: 9 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js
Frame ID: 1DEF75C14B0A4C80CF5B535564BD983E
Requests: 9 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 76281CA07DA54B5DB75A7BC7E6798A69
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: FC6148A5B21AAE7765ADDBF176C41B29
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: 0DE228E83F9221CDCD5CA0B7DEE1F8D0
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 514112D25ACD72088999EFE00EEB0C60
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4341145328816995831&gdpr=0&gdpr_consent=
Frame ID: 2DA1D3CD48FDD608C8A96BCBC6F8976A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAJFleBV2-M3gNYxifBAAAAAAA&expiration=1682060001&is_secure=true
Frame ID: EAAA0B89E56D49FACC7249D28A81FC2D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=731950065115987141&ex=appnexus.com
Frame ID: 8AD9F9CC373F0491B6A37E5DB83D65ED
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=90bd6440-e15e-4700-b87e-4e2600bc7adc&gdpr=&gdpr_consent=
Frame ID: 004D963920CFD58BBF80C387FCDAFE6D
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 3D1DBDB90F91C98AF74EC7FB3462FB8F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZEDhXgAEEQCmTgAp&gdpr=&gdpr_consent=&_test=ZEDhXgAEEQCmTgAp
Frame ID: 0F1A1627AB37B7AC0C1726783ABB7353
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hNTQwNmJmMS05OTE1LTRkYmItOWE1OC00NjQyMWM5NmI3NjE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: D2F22E4543A5EB7C54F5636F6AE95A94
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 1F153D9C77BC4BA10938C172147A0EF6
Requests: 12 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=ded3a212-523d-400a-89f7-8eaef19a9026
Frame ID: 376D72B360D8F23018668F5877BB1F89
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZEDhX8Co8XcAAGT3aXMAAAAA
Frame ID: AB9BC5347A1833F5F72D367AE3697773
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=50e95d93-e04d-4ca2-8731-6875b9a59ba2
Frame ID: 4CA298BA7CBD3B623B8BDB2884F8C7B5
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 72A868DA142103E9C95088281F0E7EFF
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=wnmS99AdHkPXf6htW2wp&pi=gumgum&tc=1
Frame ID: 76801FDEDDCD5CEF1153C22D635F9D1D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 9CDDDCC00DC038B886E169DE57C41212
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 59A9A520D7E860C5A8E8A35383F533CF
Requests: 6 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:90bd6440-e15e-4700-b87e-4e2600bc7adc&gdpr=0&gdpr_consent=
Frame ID: 0C26B6C8F42451E8E5F163E3FB11F08A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588524343237384
Frame ID: 0CF0F61A43183319E8C0D2FE7516A5E9
Requests: 1 HTTP requests in this frame

Frame: https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 15B293538D7BA9AC1EAE66AAE13E9AE8
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: EC8638E64D212F4494B9FA6BD8E26BC8
Requests: 1 HTTP requests in this frame

Frame: https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
Frame ID: 7E827282579F99F63B2FA05E76373B9C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=646C06DB-DCA8-4E46-8F20-CA7A635104F7
Frame ID: 44673BF0AA4DE87423542118F9BB2DAD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

10 Legitimate Sites to Buy Instagram Followers Securely | Sponsored | state-journal.comArticle with images

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

268
Requests

83 %
HTTPS

0 %
IPv6

64
Domains

102
Subdomains

63
IPs

10
Countries

5096 kB
Transfer

9642 kB
Size

80
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsumwmDD2MeedxXWmtsCkoKBrpUMXHIeSs7Aibt1hYbOQ-g18NYXwds6MaRyKuEu-QioGShuP2i-buW7oyCQcn0v7wMCrtbYftZ2CNXGQybHRRxXmJkPXO4lD3I6DEyI3wXHYRGkJnCazOYmZ2ttO5E5k4ApkVZKBfGW3dpviiyJIdUP8Dhtd6DCPrTATk8Zv_B_dB9V4YOkqWX8B-LM6CTopmJmlId9dDKyyuPBAeOwIElPXUKD5vAmvCcLA8NtsterH2XYfin1QgKxjnvRY_qsd9OKqrb4xrkrL1cNo2tNZF9OGY-rV67rCP_iBZpmfoAy9JT3P0C9R4hYXpwfIQyVTQ%2526sai%253DAMfl-YSqmYiLjfzrsjUCQLZt6TmZyMk2Tyig7fjzLVtmBlayU7GlynWfVMkmVW-lWLCH5jSvg2KXtZQLFsl2YvV4Tzcegq6YRbkY-LFMIf9m0OB8hv3FUhwFvm65HmyRSbn-MrWq4HGCJbCP7LHhac7S%2526sig%253DCg0ArKJSzL-m1xY-KwroEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253Dhttps://homeplaceatmidway.christiancarecommunities.org/get-involved/

Search URL Search Domain Scan URL

URL: https://finditky.com/AdHunter/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://frankthemagazine.com/
Title: FRANK. Magazine

Search URL Search Domain Scan URL

URL: https://frankfortstatejournalcollegehoops.upickem.net/
Title: 2023 College Hoops Challenge

Search URL Search Domain Scan URL

URL: http://facebook.com/TheStateJournal/
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/statejournal/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.state-journal.com%2Fsponsored%2F10-legitimate-sites-to-buy-instagram-followers-securely%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=10%20Legitimate%20Sites%20to%20Buy%20Instagram%20Followers%20Securely&via=statejournal&url=https%3A%2F%2Fwww.state-journal.com%2Fsponsored%2F10-legitimate-sites-to-buy-instagram-followers-securely%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://famoid.com/buy-instagram-followers
Title: buy real Instagram followers

Search URL Search Domain Scan URL

URL: https://techbullion.com/buy-instagram-followers/
Title: most efficient sites to buy Instagram followers

Search URL Search Domain Scan URL

URL: https://zacjohnson.com/buy-instagram-followers/
Title: always deliver top-quality Instagram followers

Search URL Search Domain Scan URL

URL: https://www.bigstockphoto.com/image-407003006/stock-photo-minsk
Title: https://www.bigstockphoto.com/image-407003006/stock-photo-minsk

Search URL Search Domain Scan URL

URL: http://viralyft.com/
Title: Viralyft.com

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/Z6WekrAZ4h2cJoLN9uzXHlosUhjl2N-PjeUXTfEhSdefOosrrgfUgS9ktiQsVJwA8M8P-DS32coylHVUyAfMAJi3G6XJOgSBtHDuJiokWITtEE4h8xdsrqvFeBQLK2ZvPlY93soe35Vcm3YwP7uVr6fK0uTseI-ds8YG2gupU9Pb8icztIG75BhlnYatrFp4nadI8e9qblDt7KGWPPMqm6IpuUaF-dwav1AUDthkaFIps963fl-rKaA1GFVFPzD08FvUlsK8FjPntnKbZmZhTDi2ZvJinY9-V-zbBbR9aK0yAOIk28cuTDSfb9vxp9jSNfOgY65HeJy7C-PnrVDZeB1rDl14gbYMdsESboJpEIww35NUmk5Cs3yhNWs0YTO-yVdcytksXoiJcBu4mFgVYEa3KVZHKom6Z0owJLeF-piVyM6o7Bxr2LkNnM6IKmqX5sPOI8WQE4j9c0UniwxcgskBZ02TQPV1B_mcpOWgFTjP_agBaj3cOWv4d_pTMp8url_kuzjL1DlqAZhHv5AGXCPv2mSi_Sn5Olm5UZ38AW3EydVZ7YLWBVQj9Ji8Lm-D3kaDYaF9ZnNf_vnO21z--i_Wz1IqtlQLKWiUULijuRGFnLk27O9NxxxNUr21tXKo7DWagppOa6h3yrbBT1ETts55UK67VnThEiC4Y0iFyHCEfVoN_aSNyNe7N-J14ak3R7BCcFVnSaadmbeQDtUniGSLSCG2no2U0Y5aDsQEvfdrWs3vQ101m-S0ON6a6fDIg4oJk2GC-AvXMqpCR4wUcGfg5OMKBhk?p=GgFDMNvCg6IGOiRjMmU3NzVjYy1mMmNkLTQ5YjQtYjkyNC1hYWY2NTViYWQxMWNCJGY0ZjFkOTRmLTNjY2UtNGM4NC05ZTYzLWYxZjFkYzFiYzAzMUoMd2hpdGUtd2Fsa2VyUOacCVjgnw1iEXN0YXRlLWpvdXJuYWwuY29tagdkZXNrdG9wigEDM3gzkAEB2AGyjvABqgIOOTEuMjM5LjIwNi4xODU
Title: Tbilisi: Los Refrigeradores Sin Vender De 2020 Están Costando CentavosRefrigeradores

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/RIuLW6fMN_-cEnzxrEZe9l9nuRgTnIA_dUGvn_luZ2qqSp-P6LEgAd2yXjFj1C83Is5RsP71CO9K9QA3KSJY3XHUP7w9HHfR3KZt3wMdcPuzcFdpQSU4ip3bAb3_4I-yIGFNYrYY7GFM1brQeLywuNpxrg5WGKhZfbYK_e0LE4pYGq6-XbIIylZp2Xd4FFbSKyDcjdleIgq7Gt5yTGb_TzCglBGGZbYy52JKumhcBc7_8wl6dVr-1Pw_2edMgu1284yInxqT0OggocUKnLfrhy_aomr691KiNF-vdw6ZtU-zMMTYzRG9TbZ3e_UA3uZI2iTyNhGLI4KEURbw0cEv96fqT7A0VDOkDfjBjm95K5qZGP1Yr3ETEyx9fwrhsPXEVx52jQ3y77Ea5QRvLFQ2zZ0MvN7D1uclrcjjqimmWy0FUnm0-dBvnELEauXFKqFGSqeBWtHzPjpaEu75bsPQHwl6uwdS6bMLbEQT97vGV0banZc77plxdiNuBsy8yJy0p4z-m51itxEvHKvx0zXqLKle-aXLyQfnmRyDI3u_jIyIAaeFajlZTeOmUSSqPP-XzenlaglK2YKpMHTnF91JVVAyjR_tlTO5qN711h6eXsIKs-ompRdbfDIL-CceAxNlxBH_vAYcBG7DPKuet6FWB2XaeCBmIiO2tJpxgIpAdnrG8gGA7nn6ghDZUJbzOAEIT67VSyturjyZTmRM6IhwVhbtAr28EAquZjHvAjDZ7g?p=GgFDMNvCg6IGOiRjMmU3NzVjYy1mMmNkLTQ5YjQtYjkyNC1hYWY2NTViYWQxMWNCJGY0ZjFkOTRmLTNjY2UtNGM4NC05ZTYzLWYxZjFkYzFiYzAzMUoMd2hpdGUtd2Fsa2VyUOacCVjgnw1iEXN0YXRlLWpvdXJuYWwuY29tagdkZXNrdG9wigEDM3gzkAEC2AGyjvABqgIOOTEuMjM5LjIwNi4xODU
Title: Tbilisi: Vendemos Autos 2021 Sin Vender Por CentavosAutos sin vender

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/Q8hdMW0UDhOyjqHSJWTsMuCZ7hGze_bvuy4kx21o9eVPdnC237tp8OpFJoMvl2TadLvYnVchfVwxZ_uh848SHBq_m2G0WvEhBD7jfEEPTd7GgzroS_4srORtJdr4gAoqL9xD_hkCuQAoFz5rZZhp4au035Hae0IoFyv1Qf9wcx5zWSwRIYRU--XprOthjKqU0ELIVzZN8SargnzvkLwgqO4ud7TdkMHX0DScu1jzAbuucDVtGz09t8USz4z0e1pmRy2Z9ISAEMxwfvIENHQ--G9_jYDGfVhq5sb1hzKg9kGAhZYF54GOczbKy47NjqgSihL_WndJ9_yxhmu6Gqux4_6gCBpADRg-y8FuVx8OFx9Eos450X0n3L4TL7PH_3ZIH1HCSDvPA0tGcSMzWdZYiIaPsNwBOptuOXyDUE6OcCMGOMFVcxM9ROSdphFU9ypMOXGbyQfi61KOb-8-jK2R9Da3hTz1jIiHGtzWH4zpJApuN5JF98njSQ__BRgBKdf0F0MmbquC?p=GgFDMNvCg6IGOiRjMmU3NzVjYy1mMmNkLTQ5YjQtYjkyNC1hYWY2NTViYWQxMWNCJGY0ZjFkOTRmLTNjY2UtNGM4NC05ZTYzLWYxZjFkYzFiYzAzMUoMd2hpdGUtd2Fsa2VyUOacCVjgnw1iEXN0YXRlLWpvdXJuYWwuY29tagdkZXNrdG9wigEDM3gzkAED2AGyjvABqgIOOTEuMjM5LjIwNi4xODU
Title: Common "Health Food" Destroys Your Vision (Stop Eating This)Life Product

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/xKPRGACbh8AetBTIGfylUzNuL7orWTNwKGaBsxBZs4iZUXDS7AyxcQ0FyeLaaPeCIl1rhNp2Z6FeCOcohEKKUSUXpjmRq9Sx6SpaU9bMwv0EaRCLjZGIWl0Q9ELQtQmE0evmmC_6tjzrfz9-X-qi1j2QNPSk_rS7mkEuii_1WY9mUxOrE-iZ-aTMJtdaAm0xoJ6IkCjT3LnEUDfjI-h1Dn0ja_Euc1hfqSlbWdzgxB-o3qio9yPmntWdUKqJvGOFH30iA9zEkhfc6Vuaq-uG0pa9f-6oraQSHz5c7gDFsilc0sDsf9YmGZ-syuVj03i091t9F45mTasgQqjiMb2zkmGdPTmbV0EsSsIwfWThiKouGIraIZBwQbtpj0_3OQ5IVdwo66RWMirRO0AMrFtzOevbEe2aeszFNwxyp3xv4QF66YC-P0qZCTdlfjEvLb0Qg818sI8LIUzIJziUqlkB2t_jFwLIfe10Fn-iCLRs6aIFtWEMZzB2g4dAnkJrt6sWNNQFLaRe0MoUDH3A?p=GgFDMNvCg6IGOiRjMmU3NzVjYy1mMmNkLTQ5YjQtYjkyNC1hYWY2NTViYWQxMWNCJGY0ZjFkOTRmLTNjY2UtNGM4NC05ZTYzLWYxZjFkYzFiYzAzMUoMd2hpdGUtd2Fsa2VyUOacCVjgnw1iEXN0YXRlLWpvdXJuYWwuY29tagdkZXNrdG9wigEDM3gzkAEE2AGyjvABqgIOOTEuMjM5LjIwNi4xODU
Title: One Bite of This Could Keep Your Blood Sugar Below 100 (Try Tonight)Day News

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/x101TW9FMfYQfnYGY1iCtZ1Nvkf3LsJhjsKd_E97gRJxHEqwOQfbQmMzTBHAfDqCrleO3Y2encJIcLxpYBLqFTo8cbsOaGFfNHfrXd46yTXomtUCmzfbbDRAMffHaIeQNA8uQe0n1JSHrDJouDIBSISE5Nqc7JH7nPpNBYokDCHQ3Xg_L8ZETRynPGi6R0tjym5hSID2j31H3xEMmu6Sg6jTfmGOwqKrhg4xSEyy7NbzLli6srUMjp_PO7fVj6by7iS7BJX1ftxswhDxdqaop_IHjwuyVY81ec2tfw_Qh6pPSU4ZJVSdscRVabCi5UkAE7JWE4RhZhT6k5XZyNNT2MJilIvcSYPBohtz_i98YwkXzs_cAyLkzhrPbGaFe2n6Cat-fH3TzRjvNZbGziH_pm6sCvULp-QiZiI1xiHMfkDY-HQO_lQkIRYOvkcQVveD11Pt38KpBFn5douSkGh-WZo97790X1GeKhpy7zpVKB1WaVYxAQbU4sTDvQFMs6vl2DFU?p=GgFDMNvCg6IGOiRjMmU3NzVjYy1mMmNkLTQ5YjQtYjkyNC1hYWY2NTViYWQxMWNCJGY0ZjFkOTRmLTNjY2UtNGM4NC05ZTYzLWYxZjFkYzFiYzAzMUoMd2hpdGUtd2Fsa2VyUOacCVjgnw1iEXN0YXRlLWpvdXJuYWwuY29tagdkZXNrdG9wigEDM3gzkAEF2AGyjvABqgIOOTEuMjM5LjIwNi4xODU
Title: This Eardrum "Bandage" Clears And Sharpens Your HearingLife Product

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/7ySbPB8fCUojFp_nkBnA0TnE-bN98wQQ3JmCshBH73HbRatcW328YsgJ6QE8TX0U8eGhnt3n3xrf7nK5b2yfAcQNN0oIthRHQbxV_Kk36845bQYYtzWWohuEdRmRzIWuusHlGE9-3sx4dmWLdOnDLbR655Cwik5h1vg5SsoblCb08yamhP5JlgaAhFGoIJMjTwUe4u355yEegdQQerkRVRofVYT9Q6UEGLpljp2GLfkiD2pIrcLMG7lEyUzCD4SvjYF4er-hqNgJ-uKySTkeq29gC2HY1o_GFo2dDYwIcL_xrf-xYsqJUW3k3snyYG6iKu9yhXCB0v1j3GjN5YQBB-riSRDROZX-EIgZ7gGccSqKE8wJAUnGOB3PzKUUwOJlP-J9ObrfOd9IQQeCByDNe6-IPJkNL_VM89m3pz6FpciOqO5xKCRjrulAB8B6XO-e3r2hQXKbfYgAltsoQEPVzuhv7O-36EWWsKJUYLONC-IzZhCLegEMxy4SCXTBIsE6mV5DYRwdZv8?p=GgFDMNvCg6IGOiRjMmU3NzVjYy1mMmNkLTQ5YjQtYjkyNC1hYWY2NTViYWQxMWNCJGY0ZjFkOTRmLTNjY2UtNGM4NC05ZTYzLWYxZjFkYzFiYzAzMUoMd2hpdGUtd2Fsa2VyUOacCVjgnw1iEXN0YXRlLWpvdXJuYWwuY29tagdkZXNrdG9wigEDM3gzkAEG2AGyjvABqgIOOTEuMjM5LjIwNi4xODU
Title: Ears Ringing? Doctor: if You Have Tinnitus, Do This Immediately!Healthy Lifestyle

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/s95l1KE_5eueWTudAqtRRPmLN_IGR2EmlhEq3jp1AZV4Zwf1O7ZBdyBsPSToL3bWOfDANoNKMBBCUhKJDE7qrcOPYgGS9kJN0KP85n5v5uEGF1K_EkZuDm25IDq23HWuTzeMXUkm2dJOsgAsFjkuMqHBeH5dvzHaaYm9vOpUbmFaCyztyc11afYvAjv0l0b-tYUYdm8c4APRjZTcKX8p3f4ZhKXKFZXeyGFw9vcOsMp70EyfFpXWsuys3eAcOiG3AHJA8zyf95m4ZtuxZTZE6LpRYdfs_3ClMPPybP6sWBPzGAkTiD-DXnBEbyAuy6yOrZKjhZwCbBTXI-drj1LrOPWM9LPYgUnsETyeSIuMW5adzg3razoEnzFSuzzy4MsKGYFLRe8l9qT-2uvjq5r7ZO6_wO0KeFXv2_xV69TQIeAgV7nDyBgb0R3G0H49Uas83qrnoa7F1yD04u6UtOZ40WpdO9RG3lGQ_TVONwwjN27qgfS7vdjqZX7TGhAXhDx1fXycDbVSsEhfT9SMJteU?p=GgFDMNvCg6IGOiRjMmU3NzVjYy1mMmNkLTQ5YjQtYjkyNC1hYWY2NTViYWQxMWNCJGY0ZjFkOTRmLTNjY2UtNGM4NC05ZTYzLWYxZjFkYzFiYzAzMUoMd2hpdGUtd2Fsa2VyUOacCVjgnw1iEXN0YXRlLWpvdXJuYWwuY29tagdkZXNrdG9wigEDM3gzkAEH2AGyjvABqgIOOTEuMjM5LjIwNi4xODU
Title: Anyone with Diabetes Should Watch This (Big Pharma Companies Hate This!)Life Product

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/paXJcBjJlJ2BTZoc-SgVZadSOx5SODmFUGetARYGlZxcIQnElqEeJmnb3uJWyCEi5qLtH8zp6zS2QtJX-IwF3WpcthmMCzea0V3IUdoJi8hGIzwvHSuOG7cY4kOPy-aEXVzJ7f8gmmb6caW1rmdu00Ii1Z6HVqdXfqMkXZdbnIgLNGiyZkvQKlkqv8MrdFcmL4E3ttKyTkaoCN6yiqYSDpgMs8uRyLevzhZ-niBWpbLXz8uvbr6814m3350wO7QYfiDZ6rUSr4RiAsxaWk_I9c6wt0n_aEg4w0LiejMP08kE30CvYPzWM0ypuGKjZC5goJ4pjIQNXt1cqKerrHGFJYEUTZ-_3JeV5lCxjK9MO7x6LhnzK51yZhzCkgnwFVYfFiQtHiT1dOYsEmCDbVw4vErbpCl_Gke5cfsGdE-pLaG2K2iFrVSDcPowL6qbHrr8xJsFJFuuWkwhooPEJUI-1uoMdsdguPrC_dtKAorkNv-7r3m5VKYlB_--QZqGbAfwB1strQdLoIZ7figP9NezxQ?p=GgFDMNvCg6IGOiRjMmU3NzVjYy1mMmNkLTQ5YjQtYjkyNC1hYWY2NTViYWQxMWNCJGY0ZjFkOTRmLTNjY2UtNGM4NC05ZTYzLWYxZjFkYzFiYzAzMUoMd2hpdGUtd2Fsa2VyUOacCVjgnw1iEXN0YXRlLWpvdXJuYWwuY29tagdkZXNrdG9wigEDM3gzkAEI2AGyjvABqgIOOTEuMjM5LjIwNi4xODU
Title: Get Rid Of Your Vision Problems With This Groundbreaking Eye TrickLife Product

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/JJfW-y9NNiH0gtetaIIkq65UybhXuzB7bUzCbP7wbbw5uQ-EETMn4EFx0ZciLATFZ9DN3u0XtNKPpv3IKsiyqHVKsAFb36KyH0F8eVbLOC5Qf1V2QfK5JGnSyY9xD4yXbZoK9wsuFTRgKcWq4o_PFN0k_9GZLr7tsXWZi1yYN0f6dlIqQ38VjsJlymqdvOzmMYDDLLJZ9VLoA08jtU1RnUUwYjc4K_NW1xigF1YRFC0PzXsdcG9j3cNvxijYK5MeKaF6zhftflQioJSxxdJ52WBl1TI6jwh_U7l_APfJMl5O6ikjomdUwL1jcmROC1pxREAMxjyeMEALl0JmPfbBhfJG513Kqq6Y6jDUY1wvgTZcsaEKwsm06JrhdS09KRr11a8LYK0roFbbDPBEzCAlxUpxIe6UqWThKS41MmaCr5KQPx6lrCOnmOCA7qka4cSNqg_5DDRABqUiW3UuT1JjIV_zQUQJsU23hYJN-3jSYW0otDBn6ZvekI9Vtw0dq4TcUw?p=GgFDMNvCg6IGOiRjMmU3NzVjYy1mMmNkLTQ5YjQtYjkyNC1hYWY2NTViYWQxMWNCJGY0ZjFkOTRmLTNjY2UtNGM4NC05ZTYzLWYxZjFkYzFiYzAzMUoMd2hpdGUtd2Fsa2VyUOacCVjgnw1iEXN0YXRlLWpvdXJuYWwuY29tagdkZXNrdG9wigEDM3gzkAEJ2AGyjvABqgIOOTEuMjM5LjIwNi4xODU
Title: Focus: if You Have Diabetes, You Must See This (Watch)Day News

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/popup?utm_source=ads&utm_medium=organic&utm_term=signup
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://new.evvnt.com/?with_navbar&force_snap_sell&partner=STATE-JOURNAL&publisher_url:state-journal.com#/quick
Title: Promote Your Event

Search URL Search Domain Scan URL

URL: https://smb.state-journal.com/
Title: Small Business

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://bloxdigital.com/
Title: BLOX Digital

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 123

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&dcc=t

Request Chain 181

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.state-journal.com%2Fsponsored%2F10-legitimate-sites-to-buy-instagram-followers-securely%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.state-journal.com%2Fsponsored%2F10-legitimate-sites-to-buy-instagram-followers-securely%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&rid=esp&cc=1

Request Chain 186

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODqwJCyDxABGAEyCEZZxkMXmqzV HTTP 301
https://tpc.googlesyndication.com/simgad/4260371618706363555

Request Chain 187

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODqwKi6_AEQARgBMgjWEXc6SardWQ HTTP 301
https://tpc.googlesyndication.com/simgad/10034664907787425390

Request Chain 191

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3249751974268110000V10

Request Chain 192

https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
https://s.amazon-adsystem.com/ecm3?id=AAAqpE7IgcMAACERSaqrtA&ex=beeswax.com

Request Chain 193

https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=a4rFNdZ8iiLi955nBoAC

Request Chain 197

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Request Chain 198

https://ssbsync.smartadserver.com/api/sync?callerId=2 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4341145328816995831&gdpr=0&gdpr_consent=

Request Chain 199

https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=220ac3fd90e21ed8&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAJFleBV2-M3gNYxifBAAAAAAA&expiration=1682060001&is_secure=true

Request Chain 200

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=731950065115987141&ex=appnexus.com

Request Chain 201

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=731950065115987141

Request Chain 202

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a5406bf1-9915-4dbb-9a58-46421c96b761&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_a5406bf1-9915-4dbb-9a58-46421c96b761&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6ea1152e-6e2b-49c5-bc68-416075f9578a HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6ea1152e-6e2b-49c5-bc68-416075f9578a HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=aa825f42-8c7d-42d0-9595-a1498937e4dc&user_group=1&ssp=gumgum2&bsw_param=6ea1152e-6e2b-49c5-bc68-416075f9578a HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=6ea1152e-6e2b-49c5-bc68-416075f9578a&gdpr=&gdpr_consent=&us_privacy=

Request Chain 203

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28PyHmzm6gUrb6W4bR-9UenqhDC2DisIu-hjkkXMM_aUVLhppl07HciBHCapA8UXNK%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28PyHmzm6gUrb6W4bR-9UenqhDC2DisIu-hjkkXMM_aUVLhppl07HciBHCapA8UXNK%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_a5406bf1-9915-4dbb-9a58-46421c96b761&obuid=ENC(PyHmzm6gUrb6W4bR-9UenqhDC2DisIu-hjkkXMM_aUVLhppl07HciBHCapA8UXNK) HTTP 302
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DPyHmzm6gUrb6W4bR-9UenqhDC2DisIu-hjkkXMM_aUVLhppl07HciBHCapA8UXNK%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform HTTP 302
https://sync.outbrain.com/cookie-sync?p=smart&uid=4341145328816995831&obUid=PyHmzm6gUrb6W4bR-9UenqhDC2DisIu-hjkkXMM_aUVLhppl07HciBHCapA8UXNK&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform

Request Chain 204

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=a64d6baf-d602-41e3-8fdf-996713849b85

Request Chain 205

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-9c69e4cc-d34a-5730-75b6-7fc8ff15b83b$ip$91.239.206.185

Request Chain 206

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-44ep42JE2pcxpjMfhq3H6xWaiq.7C_OaBgFv~A

Request Chain 207

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=66cc4550-5559-4ed2-9e6f-d9bb8cd7cb41

Request Chain 210

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a5406bf1-9915-4dbb-9a58-46421c96b761&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=lrrGdJIPXAayPrDLJnS6&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVWHE4SHMRFESUCYIFQXSUDSIRGEU3STGY HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVWHE4SHMRFESUCYIFQXSUDSIRGEU3STGY HTTP 302
https://usersync.gumgum.com/usersync?b=zem&i=lrrGdJIPXAayPrDLJnS6

Request Chain 211

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=4c80d205-59ee-4e3d-b982-bf4578b38a1b

Request Chain 212

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=Tuh1Cs6sQhG9&ev=1&pid=558355

Request Chain 213

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=4341145328816995831

Request Chain 215

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=90bd6440-e15e-4700-b87e-4e2600bc7adc&gdpr=&gdpr_consent=

Request Chain 217

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZEDhXgAEEQCmTgAp HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=ZEDhXgAEEQCmTgAp&gdpr=&gdpr_consent=&_test=ZEDhXgAEEQCmTgAp

Request Chain 220

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=ttd&i=ded3a212-523d-400a-89f7-8eaef19a9026

Request Chain 221

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=ZEDhX8Co8XcAAGT3aXMAAAAA

Request Chain 222

https://cs.admanmedia.com/sync/gumgum?puid=e_a5406bf1-9915-4dbb-9a58-46421c96b761&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
https://usersync.gumgum.com/usersync?b=aad&i=50e95d93-e04d-4ca2-8731-6875b9a59ba2

Request Chain 224

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=wnmS99AdHkPXf6htW2wp&pi=gumgum&tc=1

Request Chain 225

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 230

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4528129390394644311

Request Chain 231

https://match.adsrvr.org/track/cmf/openx?oxid=5170cfdf-fe17-79b5-e8a4-898adbd49ac3&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ded3a212-523d-400a-89f7-8eaef19a9026&ttd_puid=5170cfdf-fe17-79b5-e8a4-898adbd49ac3&gdpr=0&gdpr_consent=

Request Chain 233

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO3ypUYf4P70JsYYnEevdg8&google_cver=1

Request Chain 239

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3983137759761416126

Request Chain 240

https://match.adsrvr.org/track/cmf/openx?oxid=1700dd39-4c37-3dd9-5a82-0b857932ee8f&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ded3a212-523d-400a-89f7-8eaef19a9026&ttd_puid=1700dd39-4c37-3dd9-5a82-0b857932ee8f&gdpr=0&gdpr_consent=

Request Chain 242

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO3ypUYf4P70JsYYnEevdg8&google_cver=1

Request Chain 245

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LGORNIYR-1G-IRR9 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LGORNIYR-1G-IRR9&ex=d-rubiconproject.com&status=ok

Request Chain 246

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6gs07k90QZ6AYJTfzxPAcw&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6gs07k90QZ6AYJTfzxPAcw

Request Chain 248

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/srodtfjh2a_AdOpwQo9blcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HFZLsupE2oIhaDxhdgv_wtV7.IwjSjRZ1gLcHA--~A

Request Chain 249

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGVjMzE0MzQ3ZDE5NGM3NmEzZjRjMzBiODNhYzNkMzliM2U1OGM5Nw

Request Chain 250

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGORNIYR-1G-IRR9

Request Chain 251

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENlpPuFBciAxS2VmicW2D3M&google_cver=1

Request Chain 252

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdPUk5JWVItMUctSVJSOQ== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIUF380Bkwj0Z2WWuz_7kqg&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdPUk5JWVItMUctSVJSOQ==&google_push=

Request Chain 253

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ded3a212-523d-400a-89f7-8eaef19a9026&gdpr=0&gdpr_consent=&expires=30

Request Chain 254

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:90bd6440-e15e-4700-b87e-4e2600bc7adc&gdpr=0&gdpr_consent=

Request Chain 255

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588524343237384

Request Chain 256

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Request Chain 260

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZGwG29yoTkaPIMp6Y1EE9w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 262

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=755270068

Request Chain 264

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjQ2QzA2REItRENBOC00RTQ2LThGMjAtQ0E3QTYzNTEwNEY3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 265

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPdso639q9JTK28nNU7bThg&google_cver=1

Request Chain 267

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5673281508958538268

Request Chain 268

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ded3a212-523d-400a-89f7-8eaef19a9026&gdpr=0&gdpr_consent=

Request Chain 270

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LGORNIYR-1G-IRR9 HTTP 302
https://usersync.gumgum.com/usersync?b=mag&i=LGORNIYR-1G-IRR9

268 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html Show response
www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/ 488 KB
127 KB 1526ms
1064ms Document
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

abbbaef2618eaf9cf000002e42db236fff4062d845b2a190aa751cdab81b0ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=300
content-encoding: gzip
content-length: 127534
content-type: text/html; charset=UTF-8
date: Thu, 20 Apr 2023 06:53:12 GMT
etag: W/dc622de08510e128e3494c1dcd4018e3
last-modified: Mon, 23 Aug 2021 17:34:35 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.7b592b309c8e5e5c3477385b84e8c66d.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.5db05a902b65d8369a6c2a8372700e2e.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
vary: X-IPCountry, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.69.1; app16; 0.48s; 4.9M
x-ua-compatible: IE=edge
x-vcache: MISS
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 615ms
327ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 197902
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e7f592bd6-FRA
expires: Wed, 26 Jul 2023 09:26:45 GMT

GET
H2 200 user.js Show response
www.state-journal.com/shared-content/art/tncms/user/ 12 KB
5 KB 217ms
216ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.state-journal.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 2e2d9e035b60b9327b80160e2c7bd5bea17951235a6221398f698997b9583d0b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:48:59 GMT
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 15:04:17 GMT
x-vcache: HIT
age: 253
etag: W/"643eb171-2fd2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 4388
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 747ms
459ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e7f5a2bd6-FRA
expires: Wed, 03 Apr 2024 07:36:53 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
12 KB 589ms
303ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 197902
last-modified: Tue, 10 May 2022 15:14:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a815c-8154"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e7f502bd6-FRA
expires: Thu, 11 May 2023 19:04:19 GMT

GET
H2 200 tnt.7b592b309c8e5e5c3477385b84e8c66d.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 22 KB
6 KB 581ms
294ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.7b592b309c8e5e5c3477385b84e8c66d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50846800868a535c1d2befa0b84738e08ac7013dd5628b4a2be94308d2caa1f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 136664
cross-origin-resource-policy: cross-origin
last-modified: Wed, 01 Mar 2023 21:44:47 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63ffc74f-5804"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e7f522bd6-FRA
expires: Wed, 03 Apr 2024 07:36:53 GMT

GET
H2 200 application.5db05a902b65d8369a6c2a8372700e2e.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 574ms
288ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.5db05a902b65d8369a6c2a8372700e2e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc9d2ec08d5cb963c3b28c81c8de67b3bf03a09e5dd8729d8bdbe7f0b35e88ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 136664
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:33:54 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64246872-110a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e7f532bd6-FRA
expires: Wed, 03 Apr 2024 07:36:53 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
963 B 599ms
313ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 214225
last-modified: Thu, 23 Jun 2022 13:40:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62b46d3b-9ae"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e7f5d2bd6-FRA
expires: Thu, 06 Jul 2023 19:03:47 GMT

GET
H2 200 bootstrap.min.d655407c2beee1a5e5788ed5c20be9d9.css
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 496ms
210ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.d655407c2beee1a5e5788ed5c20be9d9.css

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6065cc42cf9789426f27a40563bc5c313b5ed33a7bc384c3ffaa0d047eb93ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 655749
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:33:45 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64246869-1ac24"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e0ed72bd6-FRA
expires: Tue, 02 Apr 2024 18:13:06 GMT

GET
H2 200 layout.2723a472d67f35b336db62562bbb130a.css
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 153 KB
28 KB 530ms
244ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.2723a472d67f35b336db62562bbb130a.css

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd49ff4c1f77c137d4a006e41f9ec83842c543c7d7ef8231f7968aa6f0901f86

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 655749
cross-origin-resource-policy: cross-origin
last-modified: Thu, 30 Mar 2023 13:41:01 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6425916d-2638d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e0eda2bd6-FRA
expires: Wed, 03 Apr 2024 19:01:57 GMT

GET
H2 200 theme-basic.b4fafa6ad47070c5ddeea8a90f19ad7f.css
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 41 KB
8 KB 430ms
144ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.b4fafa6ad47070c5ddeea8a90f19ad7f.css

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e290fe7d19052faf0432be002c9d80f4f91179f775cd4b629b892a24cc7ff58

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 655749
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:35:19 GMT
x-vcache: MISS
server: cloudflare
etag: W/"642468c7-a4bf"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e0ed92bd6-FRA
expires: Tue, 02 Apr 2024 19:50:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 21 KB
2 KB 431ms
148ms Stylesheet
text/css 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif:400,700|Lato:400,700,900,900i|Open+Sans+Condensed:300|Open+Sans:400,600,700,700i,800|Crimson+Text:400

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f106.1e100.net

Software

ESF /

Resource Hash

6ea46a5fbd58b64120560f7920c88ba378bd997789c2a3866e1295acb4692552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 06:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 06:53:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 06:53:13 GMT

GET
H2 200 tnt.access.offers.a3fdcb9b3696a1626eca8a6af79525fe.css
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/ 19 KB
4 KB 424ms
139ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/styles/tnt.access.offers.a3fdcb9b3696a1626eca8a6af79525fe.css

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e04a03a17aaa1bc2650cdaffbcccbcc23a45b550ffb638507f5b8e253fbe2c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 618734
cross-origin-resource-policy: cross-origin
last-modified: Fri, 07 Apr 2023 20:23:54 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64307bda-4d21"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e0ed82bd6-FRA
expires: Wed, 10 Apr 2024 19:01:47 GMT

GET
H2 200 datepicker3.9f2593097fc3849b80bb9d187a12b345.css
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 31 KB
3 KB 493ms
208ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/datepicker3.9f2593097fc3849b80bb9d187a12b345.css

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62864dfc09682e01eedffa6de15991cab27064828cb39a1831059ab9a7bb735b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 214225
cross-origin-resource-policy: cross-origin
last-modified: Thu, 08 Dec 2022 13:56:27 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6391ed0b-7b02"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e0ede2bd6-FRA
expires: Fri, 05 Jan 2024 20:03:28 GMT

GET
H2 200 flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 960 B
690 B 423ms
138ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33d27a2237dd1e05c016cffdd6e7f19af210d5ab0f278a1090d0c342ee151a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 197902
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:40:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137098-3c0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e0edd2bd6-FRA
expires: Wed, 27 Mar 2024 12:11:27 GMT

GET
H2 200 tntslider.f27be709394963b5230c7198d02fb3a0.css
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 5 KB
1 KB 426ms
142ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/tntslider.f27be709394963b5230c7198d02fb3a0.css

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2888adf4d3b89c5f90f09bb17e5ccb6d126457c9bd1cfde892194ba8954cd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 81296
cross-origin-resource-policy: cross-origin
last-modified: Thu, 30 Mar 2023 13:41:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64259177-145f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e0edc2bd6-FRA
expires: Wed, 03 Apr 2024 19:01:57 GMT

GET
H2 200 tnt.comments.c281ededc640381d48e91e027585814d.css
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/styles/ 3 KB
923 B 641ms
356ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/styles/tnt.comments.c281ededc640381d48e91e027585814d.css

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78fabb8840d3fba5bd2a5bd16096e4d255e5da9267f3228efc263bdebf35c088

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:40:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6413709c-af5"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e0edb2bd6-FRA
expires: Thu, 21 Mar 2024 09:07:11 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/14154/ 38 KB
11 KB 450ms
152ms Script
application/json 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/14154/cc.js?ns=_cc14154
Requested by: Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5210732beb94bd3612a6c2e55a932532f265303a35a9fdd0ba234a4d92285ef2

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 04:45:19 GMT
content-encoding: gzip
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 23:55:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 7779
x-amz-server-side-encryption: AES256
etag: W/"8c4d073a14f2338a9a0866d1824b989b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
cache-control: public, max-age=86400
x-amz-cf-id: K_uj712672NsNePphqx2eILgPqOBMwKoAQ44DULv9asuWR_HXmIYkg==

GET
H2 200 access.js Show response
www.state-journal.com/shared-content/art/tncms/api/ 87 KB
35 KB 217ms
216ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.state-journal.com/shared-content/art/tncms/api/access.js
Requested by: Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8

Request headers

Referer: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Origin: https://www.state-journal.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:50:19 GMT
content-encoding: gzip
last-modified: Fri, 07 Apr 2023 20:21:14 GMT
x-vcache: HIT
age: 173
etag: W/"64307b3a-15cd7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 35387
service-worker-allowed: /

GET
H2 200 bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 26 KB
8 KB 602ms
318ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/bootstrap-datepicker.2b28bee684315ebcadec4a6b63cc146d.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

883aa8eae3e60fb3293982ea005b7d0825faf153e68b7495fc6fe5893c38cb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 143417
last-modified: Wed, 03 Aug 2022 16:43:50 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62eaa5c6-6931"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e7f552bd6-FRA
expires: Sat, 12 Aug 2023 09:42:42 GMT

GET
H2 200 jquery.mask.84bef41f682a27dac3fd6e812c06365d.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 3 KB
1 KB 574ms
290ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.mask.84bef41f682a27dac3fd6e812c06365d.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5bf9da61f9d4956b20577fe79038e5bd6dd8db076059155b18d8f4f2f8d6b34

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 214225
last-modified: Thu, 21 Jul 2022 21:07:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9bffc-c0b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e7f542bd6-FRA
expires: Wed, 26 Jul 2023 09:26:47 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 911 B
901 B 416ms
141ms Script
text/javascript 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=signupVkCallback&render=explicit

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

765ef5d030bfdd227d9a71b4f84547831d03fd960ea4bd2b5832a0afae6e766c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 581
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 06:53:13 GMT

GET
H2 200 iframe-v1.min.js Show response
core.spreedly.com/iframe/ 78 KB
78 KB 363ms
115ms Script
text/javascript 151.101.130.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/iframe/iframe-v1.min.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0d776de8e2c5bdd85baea6c563e8d39b7896bdcfcb0dc5c29333a9fb3f1b6480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 20 Apr 2023 06:53:13 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
x-amz-request-id: 2RFYQ970196YX16Z
age: 1109
x-cache: HIT
content-length: 79878
x-amz-id-2: iFTTtOAKkfSWbi6ayo5RA5rJ/Jt0JPW/zk4NtbFrh5tbr8pjB6eHjG5T9B2LhCVqFwpqDl8ofcA=
x-served-by: cache-sof1510028-SOF
last-modified: Tue, 18 Apr 2023 14:03:13 GMT
server: AmazonS3
x-timer: S1681973593.246965,VS0,VE0
etag: "ee616fc42acb865a54ed84bc1aa4587a"
content-type: text/javascript
accept-ranges: bytes
x-cache-hits: 5

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 974 B
683 B 418ms
144ms Script
text/javascript 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdF3BEhAAAAAEQUmLciJe0QwaHESwQFc2vwCWqh

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

2f6d43bca4c86c095c106e84cf4b63576e07a5d3d0ddd4d0b23939a34265738c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 614
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 06:53:13 GMT

GET
H2 200 tnt.access.status.828de94349981272665c0fb0107f3e49.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 925 B
450 B 639ms
355ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.status.828de94349981272665c0fb0107f3e49.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4530108a7846e31d33b46c776fcd52a54aa52c879577dee1cd75dbae68dc0585

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 81296
cross-origin-resource-policy: cross-origin
last-modified: Thu, 06 Apr 2023 14:32:55 GMT
x-vcache: MISS
server: cloudflare
etag: W/"642ed817-39d"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e7f572bd6-FRA
expires: Fri, 05 Apr 2024 18:19:32 GMT

GET
H2 200 user-controls.578df3df79d812af55ab13bae47f9857.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 532 B
474 B 205ms
200ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 870348
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:38:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137052-214"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb582bd6-FRA
expires: Thu, 21 Mar 2024 07:07:53 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/townnews/ 46 KB
18 KB 447ms
163ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/op.js
Requested by: Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ceabd657e1f90cf9a76784892a279e8a947fd0616b78fdea26a48ae5edd6a9c6

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8IIvbTtbfNA0ZByEnELACEeArq8L5lEZ
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
date: Thu, 20 Apr 2023 06:17:11 GMT
x-amz-cf-pop: FRA60-P4
age: 2187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18323
x-amz-meta-git_commit: f140f48
last-modified: Mon, 17 Apr 2023 16:11:58 GMT
server: AmazonS3
etag: "c75995c75d796e36c72824a267b46823"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: QBGp_utFs-HO0UPk-F68i8pOsqRHSeLv8roaOOSfz1Qiz0N4xdDshQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 499ms
216ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1d9ef2132dd32f85d055ba4447b7895e017e1fd2e8aa9a8aa54d05850ae60369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25395
x-xss-protection: 0
server: cafe
etag: 313 / 19467 / 31073971 / config-hash: 11973378874502222792
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 06:53:14 GMT

GET
H2 200 tntslider.66567bfb98bebcb367f25921340b6961.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 21 KB
6 KB 208ms
204ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/tntslider.66567bfb98bebcb367f25921340b6961.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

180273012afa9551ba74d44a3a48f42f10b692ed23a5e35ef9b4a0758548a173

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 870348
cross-origin-resource-policy: cross-origin
last-modified: Thu, 30 Mar 2023 13:40:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6425913b-5396"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb5a2bd6-FRA
expires: Wed, 03 Apr 2024 19:01:58 GMT

GET
H2 200 tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/ 4 KB
2 KB 295ms
290ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1f33558d1045531b408a422d50e71ad01b0b33984d74d6a3a06d97e4cfd3d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Apr 2023 14:41:39 GMT
x-vcache: MISS
server: cloudflare
etag: W/"643814a3-1151"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb5b2bd6-FRA
expires: Fri, 19 Apr 2024 06:48:21 GMT

GET
H2 200 sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 1 KB
781 B 209ms
204ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 37264
last-modified: Fri, 01 Apr 2022 13:29:46 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6246fe4a-5bb"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb5c2bd6-FRA
expires: Sun, 23 Apr 2023 09:06:12 GMT

GET
H2 200 tnt.comment.ab5fb87419367af823185ae92fe15663.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/scripts/ 13 KB
3 KB 812ms
528ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/scripts/tnt.comment.ab5fb87419367af823185ae92fe15663.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9186752fbc16321f99c98fb41db4058c9caf24529c0070d53d61f609e14dc2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137059-3480"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e7f602bd6-FRA
expires: Wed, 27 Mar 2024 12:11:27 GMT

GET
H2 200 tnt.emoticons.2048520c3a5ad423f37d8d4ac8c790a9.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/scripts/ 3 KB
924 B 640ms
357ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/comments/resources/scripts/tnt.emoticons.2048520c3a5ad423f37d8d4ac8c790a9.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bc728ed832fc895e2c5dc2e4cb961913ad05496eeed776d568370bb065e85f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:04 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137058-a8f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e7f5e2bd6-FRA
expires: Wed, 27 Mar 2024 13:07:18 GMT

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
271 B 580ms
297ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 197902
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:57 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6413708d-c8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab780e7f582bd6-FRA
expires: Thu, 21 Mar 2024 06:47:51 GMT

GET
H2 200 tracking.js Show response
www.state-journal.com/shared-content/art/tncms/ 3 KB
1 KB 218ms
217ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.state-journal.com/shared-content/art/tncms/tracking.js
Requested by: Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:52:21 GMT
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 15:04:17 GMT
x-vcache: HIT
age: 52
etag: W/"643eb171-a4b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1149
service-worker-allowed: /

GET
H2 200 fontawesome.202919738484a56c0f9954429b5d61bd.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 264 KB
96 KB 218ms
214ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.202919738484a56c0f9954429b5d61bd.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e02001a09cafaa275d42c058827876bf0c36295fc53c377db69a6dce21c51217

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 989002
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:34:10 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64246882-42150"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb5e2bd6-FRA
expires: Wed, 03 Apr 2024 07:42:18 GMT

GET
H2 200 tracker.js Show response
www.state-journal.com/shared-content/art/stats/common/ 9 KB
3 KB 220ms
219ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.state-journal.com/shared-content/art/stats/common/tracker.js
Requested by: Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:52:21 GMT
content-encoding: gzip
last-modified: Wed, 22 Mar 2023 14:02:33 GMT
x-vcache: HIT
age: 52
etag: W/"641b0a79-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 BUhfOLdpfj9K14r3fYU1LVMqRZmzkDTue5AUut3Wq3ccEKX6ltxiOpHJ7v3ySHKLl1PoS_0x6B9Vm4VgTsYBDq-1bvYZl4HLji9_pC7yRK6CtZIEfqAtHMDhq_dJLN-gVTtybII
lh3.googleusercontent.com/ 101 KB
101 KB 878ms
596ms Image
image/jpeg 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/BUhfOLdpfj9K14r3fYU1LVMqRZmzkDTue5AUut3Wq3ccEKX6ltxiOpHJ7v3ySHKLl1PoS_0x6B9Vm4VgTsYBDq-1bvYZl4HLji9_pC7yRK6CtZIEfqAtHMDhq_dJLN-gVTtybII

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

fife /

Resource Hash

69c27aac0b73c044f0ccdaff22fba6598fe3d304f77702d633c9f341f92e21e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="image1.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102929
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 21 Apr 2023 06:53:14 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 161 KB
51 KB 428ms
139ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 21a4e261b3c98c9ab9cf3de0ad7c1d1ce420fd0c09f62c5a3b31adbae7bb7bdd

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:05 GMT
server: AmazonS3
x-amz-request-id: 9QCJZ89EZRZQ7TQA
etag: "cd6ef508acd21fd90cc2de7163af0d41"
x-amz-server-side-encryption: AES256
x-hw: 1681973594.cds259.fr8.hn,1681973594.cds146.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 51622
x-amz-id-2: SjKFlDuiW9yISbxBO/UCsPMBBQQ7mXcTMuAkqw+rOZQirgLUWK7KzarNJchI0GJ6O4W0sQIvGM0=

GET
H2 200 tnt.access.3.1.a2b274d791037f294fb39797d11e7967.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 4 KB
1 KB 138ms
138ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

673a0fb1e3cf02661361b70189d7329c8e51fbbadc1b6824748a1989c3e6d95b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 209876
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:34:00 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64246878-10d8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab78118ad02bd6-FRA
expires: Tue, 02 Apr 2024 18:13:12 GMT

GET
H2 200 tnt.access.granted.3.1.fc65cad9e66250cf8998ec9ff3cfa9eb.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
897 B 142ms
136ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6519b2e757cd863fa5d0fd7476b99cd8983f6b34cda36b65b0ef6791b9bd60c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 69546
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:34:02 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6424687a-832"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab78118ada2bd6-FRA
expires: Wed, 03 Apr 2024 07:46:53 GMT

GET
H2 200 tnt.access.user.modal.f7354dab6768ba975cd14f2e3a8933e7.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
824 B 248ms
241ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79243ba9d4f951345916f75842d1108f38686a192b7849486fab98ab0626650c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137057-820"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab78118ae22bd6-FRA
expires: Wed, 27 Mar 2024 12:11:27 GMT

GET
H2 200 tnt.access.user.modal.wall.fe4bc65c3c1a62cc697a7b9ce0a3ef8b.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 14 KB
4 KB 146ms
139ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

758b00f9a19d19e2f71f166aebc73f6d5ed12bf31d6f9db411e1890450f2e3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 618734
cross-origin-resource-policy: cross-origin
last-modified: Fri, 07 Apr 2023 20:22:46 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64307b96-3817"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab78118ae32bd6-FRA
expires: Wed, 10 Apr 2024 19:01:47 GMT

GET
H2 200 tnt.access.denied.4.0.offers.477ce6e15f7468d103ff927e4d75b228.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 12 KB
4 KB 147ms
140ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ced124ba89239e25f413a5d21bb59087d1e651b0ff2710a73097dff91d7407

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 511429
cross-origin-resource-policy: cross-origin
last-modified: Fri, 07 Apr 2023 20:22:46 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64307b96-2f2b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab78118ae52bd6-FRA
expires: Wed, 10 Apr 2024 19:01:47 GMT

GET
H2 200 jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 20 KB
7 KB 250ms
243ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.f4d73313b7ce7a32500a94c38e2d2ca2.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f180d76be4fe3072f5c29b64ac56aa850f4ee0bfc2fcfe33541f918cd2801ad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:10 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6413705e-512b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab78119ae62bd6-FRA
expires: Wed, 27 Mar 2024 12:11:27 GMT

GET
H2 200 additional-methods.54cac72c4ecc4fe6191818374fa8d218.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 15 KB
4 KB 148ms
142ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/additional-methods.54cac72c4ecc4fe6191818374fa8d218.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ada9d82a1291abeb8fe95fb82359767ce8d18b87553c624d3049368e93d28c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 69546
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137060-3a2f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab78119ae72bd6-FRA
expires: Wed, 27 Mar 2024 12:11:27 GMT

GET
H2 200 jquery.validate.custom-methods.7529deb5615a27af839a4621b5b71896.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 4 KB
1 KB 149ms
143ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.validate.custom-methods.7529deb5615a27af839a4621b5b71896.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b4ce3d24306a3cee56d07eb3af0f6b7fc272f8813b06a801619ef730c497608

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 214224
cross-origin-resource-policy: cross-origin
last-modified: Thu, 06 Apr 2023 14:33:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"642ed824-e8b"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab78119ae92bd6-FRA
expires: Fri, 05 Apr 2024 18:19:32 GMT

GET
H2 200 tnt.access.log.5e1dee03adf0fcef2e85f576b6bdac3c.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 6 KB
1 KB 252ms
245ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6293e525b90238cae9d23d36d15ed64f780635d5a1736fff4ed5103e444af2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Thu, 19 Jan 2023 22:31:09 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63c9c4ad-1939"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab78119aea2bd6-FRA
expires: Wed, 24 Jan 2024 20:02:35 GMT

GET
H2 200 tnt.access.log.legacy.025ae9c938a39be8e1868bd3062860e8.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 4 KB
946 B 149ms
142ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

702533d847cd3926bc7d2eaf1dede91f6725603bafb029755c02d2cda2bfab6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 36381
cross-origin-resource-policy: cross-origin
last-modified: Fri, 03 Feb 2023 14:56:32 GMT
x-vcache: HIT
server: cloudflare
etag: W/"63dd20a0-e5d"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab78119aeb2bd6-FRA
expires: Wed, 07 Feb 2024 20:02:28 GMT

GET
H2 200 tnt.access.output.subscription.8ef15e98666881780fc35aad3af5f594.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
835 B 148ms
142ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2d514664135a6751de3342fff9ac0b04ddcb9fd172b9b457e0b1bc3fc08ff75

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 70308
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:04 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137058-813"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab78119aec2bd6-FRA
expires: Thu, 21 Mar 2024 06:42:29 GMT

GET
H2 200 tnt.access.output.laterpay.7a6e72d83c11470ac72ce2b2f5d9fdbd.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
1 KB 305ms
299ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af6bea70dc94c86467e3682e344566a3f7097d677b5329fe22fd41abb9a443bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137057-9cd"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb4a2bd6-FRA
expires: Wed, 27 Mar 2024 11:07:28 GMT

GET
H2 200 tnt.access.output.customjs.1480f2a51e2939dd767e130e3406e489.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 2 KB
708 B 295ms
290ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc1009104ffcf20bdd8170964316315eb915d2d565aebc9d8f21b8b8f8e94150

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137057-638"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb4c2bd6-FRA
expires: Wed, 27 Mar 2024 11:07:28 GMT

GET
H2 200 asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 941 B
486 B 206ms
201ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 209876
last-modified: Thu, 21 Jul 2022 21:06:45 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9bfe5-3ad"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb4e2bd6-FRA
expires: Wed, 26 Jul 2023 08:45:18 GMT

GET
H2 200 tnt.ads.core.d94d9878872bdd55fc73a2ddcc708c99.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 12 KB
4 KB 207ms
201ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.d94d9878872bdd55fc73a2ddcc708c99.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e40b87528206970058c9ce6a19d49daa45a9b8d954284b5538a1e101e1a14fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 36380
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Apr 2023 14:41:34 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6438149e-311e"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb502bd6-FRA
expires: Wed, 17 Apr 2024 19:01:49 GMT

GET
H2 200 withinviewport.1f94ee79a22e6ee8e9c0bb61dec9999b.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 2 KB
1 KB 204ms
199ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34fc4e7529fac73aeaa0c93e5d6c40dcf6dc896aa0df459fac69542fb8a2a547

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 618734
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:14 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137062-9c5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb522bd6-FRA
expires: Wed, 27 Mar 2024 12:45:42 GMT

GET
H2 200 jquery.withinviewport.6ef0fee1774e9b313c264a5736522e35.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 1 KB
461 B 209ms
203ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.withinviewport.6ef0fee1774e9b313c264a5736522e35.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef363fc8d14e4cdfc401792ea044108d84aa709594566611808f8e5aa0779c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 70308
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:34:18 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6424688a-591"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb532bd6-FRA
expires: Tue, 02 Apr 2024 19:31:35 GMT

GET
H2 200 jquery.scrollstop.934c2bd4d6bebe0494bcb9dd4b1b6ca1.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 976 B
525 B 210ms
205ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.scrollstop.934c2bd4d6bebe0494bcb9dd4b1b6ca1.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d06b0e662cfd11cf87c4c75d9a1c22bb7f710d0d1b9c6d5dfc099e52672a4246

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 618734
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:39:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137064-3d0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb542bd6-FRA
expires: Thu, 21 Mar 2024 06:42:29 GMT

GET
H2 200 tnt.metering.c1fd4b9015c14b57a58acdbc3ee4daca.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/metering/resources/scripts/ 5 KB
2 KB 211ms
206ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/metering/resources/scripts/tnt.metering.c1fd4b9015c14b57a58acdbc3ee4daca.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbf3bfb5c974a3a22c04b2614f61efab99657d7142e12bc7c791c357229a650c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 24711
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:40:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137093-1281"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb552bd6-FRA
expires: Wed, 27 Mar 2024 13:07:18 GMT

GET
H2 200 dmp.reactive.f21a39a840fa65b4d17399310c9dbb30.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 1 KB
576 B 207ms
202ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/dmp.reactive.f21a39a840fa65b4d17399310c9dbb30.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

950c1afb996a514a2c42fcbe09b9f2406fd5c4833b57d31dd2967ed6c127ae0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 655749
cross-origin-resource-policy: cross-origin
last-modified: Thu, 16 Mar 2023 19:38:58 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64137052-579"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb562bd6-FRA
expires: Wed, 27 Mar 2024 13:07:18 GMT

GET
H2 200 tnt.regions.b44801b45845a81b995eeaad12f4f276.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 208ms
203ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.b44801b45845a81b995eeaad12f4f276.js

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 223563
cross-origin-resource-policy: cross-origin
last-modified: Wed, 29 Mar 2023 16:33:55 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64246873-1015"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7811fb572bd6-FRA
expires: Tue, 02 Apr 2024 19:31:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
70 KB 439ms
157ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bcc052a1089141379607fd72fbea5d838829ee97cedc3903b39c7bd874001c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71125
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Apr 2023 06:53:14 GMT

GET
H2 200 var=tncms_siteaud Show response
ad.crwdcntrl.net/5/c=14154/pe=y/ 77 B
312 B 516ms
168ms Script
application/javascript 52.214.4.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=14154/pe=y/var=tncms_siteaud
Requested by: Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.4.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-4-83.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 059bc42513157b8af9033f063157dffd7a9a1c6bbc9e4f2b3bc75d52be38863d

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:14 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/javascript;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.12
content-length: 77
expires: 0

GET
H2 200 recaptcha__ka.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ 441 KB
167 KB 413ms
134ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__ka.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=signupVkCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

e27470d1cea6277844e64b2b9bb57689fa5ea25bd4ec8fad36f9ff3345eef4d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.state-journal.com/
Origin: https://www.state-journal.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 02:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170652
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 02:01:23 GMT

GET
H2 200 b-f140f48-8b19d3fb.js Show response
tagan.adlightning.com/townnews/ 77 KB
29 KB 154ms
150ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0e87af47a13553e099e608e39a835bd145b145665ba8dd1143d5678c112dd3b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 23:34:36 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-version-id: ZSilk9X9RZ0R79qY9f4EjmCDCBneUEbu
x-amz-cf-pop: FRA60-P4
age: 1322318
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29237
x-amz-meta-git_commit: f140f48
last-modified: Tue, 24 Jan 2023 18:42:51 GMT
server: AmazonS3
etag: "50a39e0b06ded9208e411eb2960faa09"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: yDuh9KfzDeMVkDR38fK4GXSxmLgMQ8oh95DD4FV4RV_RUFw4x-kSqg==

GET
H2 200 bl-deea5a1-0155041c.js Show response
tagan.adlightning.com/townnews/ 59 KB
26 KB 210ms
206ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/bl-deea5a1-0155041c.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cc907a1e396d946635f947642fc795611c92a76a5f22a904b2b1ec3c0c954a5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 16:12:06 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-version-id: JjN_EGXppgfFJz3bLtHBmw9nWXD5RYD_
x-amz-cf-pop: FRA60-P4
age: 225668
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25681
x-amz-meta-git_commit: deea5a1
last-modified: Mon, 17 Apr 2023 16:11:34 GMT
server: AmazonS3
etag: "0f125410d3e0da048398dee3745d2b55"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: y3LOYjAEdhKe9FYmnzRVIhJP_Wmi6nnlK1jBxFBiS3AL2796sMXwGA==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 226 KB
56 KB 451ms
162ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2df373f0579aa7c6c99294140954d55fc8a147a11074697818ad4fd38f96ee20

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:18:53 GMT
content-encoding: gzip
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront), 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 20:25:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 2062
etag: W/"37f8e14707921aa7b20e1e5128af21cc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: lo0O3vc5zOp1KzdNCkcvFjNBti3Da_DL4Ppjy5numDnQcfaFaW5-Xg==

GET
H2 200 tracker.gif
www.state-journal.com/shared-content/art/stats/common/ 0
145 B 217ms
216ms Image
image/gif 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.state-journal.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=168197359378116001200743807128970&tnms_dt=10%20Legitimate%20Sites%20to%20Buy%20Instagram%20Followers%20Securely%20%7C%20Sponsored%20%7C%20state-journal.com&tnms_upage=1&tnms_do=www.state-journal.com&tnms_uri=/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&tnms_ref=&rt=1681973593787
Requested by: Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
x-vcache: MISS
age: 0
etag: "48f79fed-0"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
H2 200 wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
fonts.gstatic.com/s/crimsontext/v19/ 25 KB
25 KB 694ms
413ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|Lato:400,700,900,900i|Open+Sans+Condensed:300|Open+Sans:400,600,700,700i,800|Crimson+Text:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.state-journal.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:41:53 GMT
x-content-type-options: nosniff
age: 25881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25184
x-xss-protection: 0
last-modified: Tue, 24 May 2022 18:26:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 23:41:53 GMT

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 542ms
281ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|Lato:400,700,900,900i|Open+Sans+Condensed:300|Open+Sans:400,600,700,700i,800|Crimson+Text:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.state-journal.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:11 GMT
x-content-type-options: nosniff
age: 190323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:11 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 650ms
389ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|Lato:400,700,900,900i|Open+Sans+Condensed:300|Open+Sans:400,600,700,700i,800|Crimson+Text:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.state-journal.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:39:07 GMT
x-content-type-options: nosniff
age: 159247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:39:07 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v17/ 32 KB
32 KB 482ms
221ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|Lato:400,700,900,900i|Open+Sans+Condensed:300|Open+Sans:400,600,700,700i,800|Crimson+Text:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.state-journal.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:23:46 GMT
x-content-type-options: nosniff
age: 12568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32900
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:44:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 03:23:46 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 398ms
138ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|Lato:400,700,900,900i|Open+Sans+Condensed:300|Open+Sans:400,600,700,700i,800|Crimson+Text:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.state-journal.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:32:15 GMT
x-content-type-options: nosniff
age: 159659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:32:15 GMT

GET
H2 200 3634c866-2a33-11e9-9d2f-fb9da4efb5fe.png
bloximages.newyork1.vip.townnews.com/state-journal.com/content/tncms/custom/image/ 11 KB
11 KB 167ms
167ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/content/tncms/custom/image/3634c866-2a33-11e9-9d2f-fb9da4efb5fe.png?resize=750%2C146

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b48338e53b36b09c8e5ea8dbf46cf0afffab595738ca315f12e70672268b4c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:13 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 136655
cf-polished: origFmt=png, origSize=13870
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="3634c866-2a33-11e9-9d2f-fb9da4efb5fe.webp"
content-length: 11126
cf-bgj: imgq:85,h2pri
last-modified: Wed, 06 Feb 2019 17:18:25 GMT
server: cloudflare
x-vcache: MISS
etag: "ac93deb895f4fbb60dc7eeb65d87d124"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7bab7811fb5f2bd6-FRA
expires: Tue, 16 Apr 2024 19:02:33 GMT

GET
H2 200 / Show response
www.state-journal.com/tncms/access/rules/ 76 KB
7 KB 217ms
217ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.state-journal.com/tncms/access/rules/

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/shared-content/art/tncms/api/access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

3fe3ea9025aecb864f3674d6efb7f7b3265a0aeca803097888398202df9b425f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
X-TNCMS-Access-Version: 2022-11-15 15:01:14
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 21:35:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33436
content-length: 6749
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Apr 2023 21:35:56 GMT
x-vcache: HIT
etag: W/09e2deb621a935e06245a762303be46d
x-frame-options: SAMEORIGIN
vary: X-TNCMS-Access-Version, Origin, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://admin-newyork1.bloxcms.com
x-tncms: 1.69.1; app13; 0.82s; 2.8M
cache-control: public, max-age=86400
accept-ranges: bytes
x-robots-tag: noarchive
access-control-allow-headers: X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User

GET
H2 200 number-frame-1.104.html Show response
core.spreedly.com/v1/embedded/ Frame 35BA 2 KB
2 KB 113ms
113ms Document
text/html 151.101.130.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/v1/embedded/number-frame-1.104.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a2ffb86712b48ab86e38310b2db1d56246306409dd13c20b6c6722c74f776c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.state-journal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 3147
content-length: 1973
content-type: text/html
date: Thu, 20 Apr 2023 06:53:14 GMT
etag: "2583270d1c44dc4082ccda39618388d2"
last-modified: Tue, 18 Apr 2023 14:03:18 GMT
server: AmazonS3
strict-transport-security: max-age=31557600
via: 1.1 varnish
x-amz-id-2: +Lx4A4eOCo0NN7GXbVvZNkykw4iWSCAZP1mfRBUVRPqSsS8ZWdOznboXR/7G/wAVXTocNSPrTT8=
x-amz-request-id: WTGPY2CGMZ466NCR
x-amz-version-id: null
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-sof1510028-SOF
x-timer: S1681973594.133759,VS0,VE1

GET
H2 200 cvv-frame-1.104.html Show response
core.spreedly.com/v1/embedded/ Frame 4667 5 KB
5 KB 115ms
115ms Document
text/html 151.101.130.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/v1/embedded/cvv-frame-1.104.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

614b14fb9dbc9f6655bdc677fe4dfaed8df7c9c46085acf368b597f9b29a492e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.state-journal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
age: 3147
content-length: 4842
content-type: text/html
date: Thu, 20 Apr 2023 06:53:14 GMT
etag: "023107333aa836578a0fa9f40d953431"
last-modified: Tue, 18 Apr 2023 14:03:16 GMT
server: AmazonS3
strict-transport-security: max-age=31557600
via: 1.1 varnish
x-amz-id-2: 2Ps0ADOQRBEdWpX4sgaF/WypmpNgfsFzUoIU8LDSFuQ7WeWxYzVn9AEUglYCWwT1zbFpmym16b4=
x-amz-request-id: WTGS32G111MGSJ2P
x-amz-version-id: null
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-sof1510028-SOF
x-timer: S1681973594.134546,VS0,VE1

GET
H2 200 var=tncms_aud Show response
ad.crwdcntrl.net/5/c=9613/pe=y/ 73 B
308 B 169ms
168ms Script
application/javascript 52.214.4.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=9613/pe=y/var=tncms_aud
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.4.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-4-83.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 021ad1922ab3b6e1d8da0ddb300425284daf76bab7c60e61451f42fb5fe3bc80

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:14 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/javascript;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.255
content-length: 73
expires: 0

GET
H2 200 102915c4-f977-11e8-9c76-6fed807c28d9.png
bloximages.newyork1.vip.townnews.com/state-journal.com/content/tncms/custom/image/ 5 KB
5 KB 141ms
140ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/content/tncms/custom/image/102915c4-f977-11e8-9c76-6fed807c28d9.png

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7585323c138f323ec979f3fccc9f61ba807bc04d236e3443fe664c0eae99d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 21172
cf-polished: origFmt=png, origSize=6918
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="102915c4-f977-11e8-9c76-6fed807c28d9.webp"
content-length: 5152
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 Dec 2018 16:50:40 GMT
server: cloudflare
x-vcache: MISS
etag: "5c095360-1b06"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7bab7813fdc42bd6-FRA
expires: Tue, 16 Apr 2024 18:37:07 GMT

GET
H2 200 / Show response
www.state-journal.com/tncms/access/user/ 484 B
866 B 243ms
243ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.state-journal.com/tncms/access/user/

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/shared-content/art/tncms/api/access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

a2cb8f08c465683d7cfd51dbbc4ff0bd55185e656dc60e2073408976b9d59d3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-TNCMS-Access-User: anonymous
Referer: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 267
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
x-vcache: MISS
x-frame-options: SAMEORIGIN
vary: X-TNCMS-Access-User, X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://admin-newyork1.bloxcms.com
x-tncms: 1.69.1; app9; 0.02s; 0.9M
cache-control: private, max-age=3600, must-revalidate
accept-ranges: bytes
x-robots-tag: noarchive
access-control-allow-headers: X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User

GET
H2 200 number-frame-1.104.min.js Show response
core.spreedly.com/iframe/ Frame 35BA 109 KB
109 KB 120ms
120ms Script
text/javascript 151.101.130.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/iframe/number-frame-1.104.min.js?restricted=true

Requested by

Host: core.spreedly.com
URL: https://core.spreedly.com/v1/embedded/number-frame-1.104.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

946c24a6f5633ceab3c85bc53f68096fc040c22d6c9919eacb8695fc104f02f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://core.spreedly.com/v1/embedded/number-frame-1.104.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 20 Apr 2023 06:53:14 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
x-amz-request-id: 16NKZGNDQXJGM467
age: 3139
x-cache: HIT
content-length: 111589
x-amz-id-2: jt8TUWy1XIlXcqMAuwBCxwF1JE7VOYcLlf2tnHNjSB04tVgVbYgLPRC/ASyqZ3rsu0vuztZjUDg=
x-served-by: cache-sof1510028-SOF
last-modified: Tue, 18 Apr 2023 14:03:13 GMT
server: AmazonS3
x-timer: S1681973594.263569,VS0,VE1
etag: "f797089822a6f043ac5c9a5acb336639"
content-type: text/javascript
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 581 B
936 B 505ms
505ms XHR
application/json 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.state-journal.com&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 9c55c575cd2d3c03eeb7861f21c8cf4f19071f7cfc5c035f7c07af12f7f37bee

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.state-journal.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 581
x-amz-cf-id: 2owwGXeLEBpnLezzOGSClpBSjyXZ5UCzHdaQhjRec5S0XO7rdtjeEw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 411ms
143ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding: gzip
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
date: Thu, 20 Apr 2023 00:40:01 GMT
x-amz-cf-pop: FRA56-P3
age: 22394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 13 Apr 2023 22:29:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: BWwa7cF3g1nXK-N4LQhIvLI79hbONGcfX2uvE6cgDEYI4yovbLoDCQ==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 210 KB
65 KB 433ms
141ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 20:34:20 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=172296
accept-ranges: bytes
content-length: 65523
expires: Sat, 22 Apr 2023 06:44:50 GMT

GET
H2 200 S6u_w4BMUTPHjxsI3wi_Gwft.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 238ms
237ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI3wi_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|Lato:400,700,900,900i|Open+Sans+Condensed:300|Open+Sans:400,600,700,700i,800|Crimson+Text:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.state-journal.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:09:16 GMT
x-content-type-options: nosniff
age: 157438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23736
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:50:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 11:09:16 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v17/ 29 KB
29 KB 147ms
146ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|Lato:400,700,900,900i|Open+Sans+Condensed:300|Open+Sans:400,600,700,700i,800|Crimson+Text:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.state-journal.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:44:52 GMT
x-content-type-options: nosniff
age: 158902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29492
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:29:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:44:52 GMT

GET
H2 200 / Show response
www.state-journal.com/tncms/search/mlt/ 15 KB
6 KB 364ms
363ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.state-journal.com/tncms/search/mlt/?origin=f6c484f2-f08a-11eb-8d91-7fd3422fcd66&app=editorial&preview=1&type=article%2Ccollection%2Cvideo%2Cyoutube

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

8e60779039de20762a5129750d4ec1ce8938d7fdb5ad80d44fbea86ad2f6ced5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 5924
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 23 Aug 2021 17:34:35 GMT
x-vcache: MISS
etag: W/a2e6a9dc5b75e705c9dcade6bafd7ce5
x-frame-options: SAMEORIGIN
vary: X-IPCountry, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.69.1; app5; 0.04s; 2.1M
cache-control: public, max-age=300
accept-ranges: bytes
x-robots-tag: noarchive

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/ 400 KB
124 KB 137ms
136ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073971

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19053
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126862
x-xss-protection: 0
server: cafe
etag: 16869941564567738629
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 19 Apr 2024 01:35:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 504 B
269 B 437ms
169ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.state-journal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

59ed42970dc2f1c3ff5b8878100af234399f64dd4b67d8f1fb7e1fe5fc335138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Thu, 20 Apr 2023 06:53:14 GMT

GET
H2 200 / Show response
www.state-journal.com/tncms/search/recommend/ 17 KB
2 KB 420ms
420ms XHR
application/json 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.state-journal.com/tncms/search/recommend/?app=editorial&t=article&inline=summary&preview=1&k=crash%20victim

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

177e7e00dcccb1627641e86c36f153f9e9a0ccbf3d87904f15a471f75a272bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 1911
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 20 Apr 2023 06:53:14 GMT
x-vcache: MISS
etag: W/4dd3ea031dbc528a4b899a2749917c53
x-frame-options: SAMEORIGIN
vary: X-IPCountry, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.69.1; app21; 0.17s; 1.8M
cache-control: public, max-age=600
accept-ranges: bytes
x-robots-tag: noarchive

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 409ms
133ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 06:35:43 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1051
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 20 Apr 2023 08:35:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
44 KB 150ms
150ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3b12dbbd8709866d74dbd778b744f8939c13ee01c3e4916bf3df6e3683ff0210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45086
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Apr 2023 06:53:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
60 KB 157ms
157ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7d6d64db1af5e9a2b12b10acfab77a0223c361d4e776c83009dc7f2f5aaa11ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60993
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Apr 2023 06:53:14 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 204 B
649 B 863ms
445ms XHR
text/javascript 52.222.247.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.state-journal.com%2Fsponsored%2F10-legitimate-sites-to-buy-instagram-followers-securely%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&pid=YVc9aJNcFbken&cb=0&ws=1600x1200&v=23.414.2006&t=2000&slots=%5B%7B%22sd%22%3A%22tnt-smart-ad-1%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22300x250%22%2C%222x1%22%5D%2C%22sn%22%3A%22%2F132916964%2C1613683%2Fstate-journal.com%2Fsponsored%22%7D%2C%7B%22sd%22%3A%22ad-1061246%22%2C%22s%22%3A%5B%222x1%22%5D%2C%22sn%22%3A%22%2F132916964%2C1613683%2Fstate-journal.com%2Fsponsored%22%7D%2C%7B%22sd%22%3A%22ad-775052%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F132916964%2C1613683%2Fstate-journal.com%2Fsponsored%22%7D%2C%7B%22sd%22%3A%22ad-775072%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F132916964%2C1613683%2Fstate-journal.com%2Fsponsored%22%7D%5D&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.247.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-247-205.fra60.r.cloudfront.net

Software

Server /

Resource Hash

9a53831155202f4c87a3b8401f892fcebde8c94aa62f808abe5ce1eef4544b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:15 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: DB9R1ZX4P47T48S2Q1JH
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.state-journal.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 204
x-amz-cf-id: Ij2ngJjqWWyzDK5iS64IQIznsFemHw5TbLDitiNLphs7XuT7tULGoQ==

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 676ms
223ms Preflight 54.205.66.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.66.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-66-186.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.state-journal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 20 Apr 2023 06:53:15 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 520ms
144ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: CGVG88B5QEQHEE0J
age: 467
etag: W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7bab781a9ff13651-FRA
x-amz-id-2: Lyz+3+qb97ENSAKcDmIVpukK1dSQup/1p7jjj8OvBGs71JKiRSfyxsI7V4mp3WB9y3mSPiK/YikxhEvqJHZ3Rg==

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
460 B 224ms
224ms XHR
text/plain 54.205.66.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.66.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-66-186.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 20 Apr 2023 06:53:15 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 5E78 48 KB
27 KB 154ms
153ms Document
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdF3BEhAAAAAEQUmLciJe0QwaHESwQFc2vwCWqh&co=aHR0cHM6Ly93d3cuc3RhdGUtam91cm5hbC5jb206NDQz&hl=ka&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=b430t16yv83q

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

b697e5eebd5b9f73a593ec027d628a4afbd1984d6e7e07d50a6d400cfcac9b0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DXdSN98b9fMQwxQ6o9H_yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.state-journal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27117
content-security-policy: script-src 'report-sample' 'nonce-DXdSN98b9fMQwxQ6o9H_yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 06:53:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET /
trends.revcontent.com/api/demand/ 0
0

GET sync
trends.revcontent.com/ 0
0

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 103 KB
28 KB 465ms
160ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0141bdce01833d9d5834faec8e6c165c1b517b7fd38135b03256746e077f42f1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: v3wASLoKz4oPo5lk6nN6.MJVz3LXm3k1
content-encoding: br
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
date: Thu, 20 Apr 2023 06:52:47 GMT
x-amz-cf-pop: FRA6-C1
age: 28
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 17 Apr 2023 08:03:06 GMT
server: AmazonS3
etag: W/"6fa54b9dfee01312ed24b273144b9b38"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: N9s6uZCX3g9xp9HMbsmmO7Y97r2BLDIdziMNJZ5rtKtKcDKWAK0SLw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 146ms
146ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3912c4e15d6da41881a29834b9e7ef397c52c001cbc95988e8ef553be185bc12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78860
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Apr 2023 06:53:15 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame 5E78 55 KB
24 KB 403ms
134ms Stylesheet
text/css 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdF3BEhAAAAAEQUmLciJe0QwaHESwQFc2vwCWqh&co=aHR0cHM6Ly93d3cuc3RhdGUtam91cm5hbC5jb206NDQz&hl=ka&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=b430t16yv83q

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 23:06:27 GMT

GET
H3 200 recaptcha__ka.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame 5E78 441 KB
167 KB 471ms
203ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__ka.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

e27470d1cea6277844e64b2b9bb57689fa5ea25bd4ec8fad36f9ff3345eef4d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 02:01:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170652
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 02:01:23 GMT

POST
H2 200 /
www.state-journal.com/tncms/tracking/tncms-dmp/audience-extraction/ 0
152 B 217ms
217ms Ping
application/octet-stream 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.state-journal.com/tncms/tracking/tncms-dmp/audience-extraction/?d=%7B%22name%22%3A%22client%22%2C%22value%22%3A9613%7D&i=1681973594090,
Requested by: Host: www.state-journal.com
URL: https://www.state-journal.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:15 GMT
real-hostname: state-journal.com
cache-control: s-maxage=0, private, no-cache
x-vcache: MISS
age: 0
content-length: 0
content-type: application/octet-stream

OPTIONS
H2 200 api-errors
yeet.revcontent.com/yeet/events/ Frame 0
0 525ms
175ms Preflight 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/api-errors
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.state-journal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
content-length: 0
date: Thu, 20 Apr 2023 06:53:15 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 6
x-rc-region: eu-west-1c

POST
H2 204 api-errors
yeet.revcontent.com/yeet/events/ 0
0 192ms
192ms Fetch 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/api-errors
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: *
date: Thu, 20 Apr 2023 06:53:15 GMT
x-envoy-upstream-service-time: 22
server: envoy
vary: Origin

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
443 B 435ms
142ms XHR
application/json 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

3ff549ba57ab7dc856cf8d80c4d6bd408a7b732be3de11d4b4807fd52f243ccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 06:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.state-journal.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

OPTIONS
H2 200 api-errors
yeet.revcontent.com/yeet/events/ Frame 0
0 326ms
175ms Preflight 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/api-errors
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.state-journal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
content-length: 0
date: Thu, 20 Apr 2023 06:53:15 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 6
x-rc-region: eu-west-1c

POST
H2 204 api-errors
yeet.revcontent.com/yeet/events/ 0
0 203ms
203ms Fetch 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/api-errors
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: *
date: Thu, 20 Apr 2023 06:53:15 GMT
x-envoy-upstream-service-time: 34
server: envoy
vary: Origin

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 19 KB
10 KB 276ms
275ms Fetch
application/json 52.208.190.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=217056&width=1600&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fwww.state-journal.com%2Fsponsored%2F10-legitimate-sites-to-buy-instagram-followers-securely%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&icr_url=&va=0&user_uuid=undefined&time=1681973595330&up=pc&bn=chrome&bv=89&widget_width=1140&style_id=0&an=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.208.190.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-190-244.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

6d62a37fa40b7ab69397b5adb5424590a42bbeb26cac31b34e1dde4b5006c17f

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Thu, 20 Apr 2023 06:53:15 GMT
strict-transport-security: max-age=931536000; includeSubDomains
content-encoding: gzip
server: envoy
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.state-journal.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 97

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
408 B 1068ms
500ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

b075e369d59f07abaa06a79966cae6a73e411580bff602a899a86067d6cdce9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.state-journal.com
date: Thu, 20 Apr 2023 06:53:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 2 KB
1 KB 493ms
230ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f31450bd00bdf0696038a5b9edf8ac3984bdbaf47f839cc5f1d10985885546a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nwFY9OanBh1ny7eoCLn47xzChyDEm0JZ
content-encoding: br
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
date: Thu, 20 Apr 2023 06:31:29 GMT
x-amz-cf-pop: FRA6-C1
age: 1313
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Apr 2023 19:44:10 GMT
server: AmazonS3
etag: W/"97a6173cf6a6b0eca414aaca4a061a8d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: vsCg9WDdeBEkTCjls3peLinjx8pOnntCcCmsafK42d1fF3MGgl7Jqw==

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 180ms
180ms Fetch 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-99-213.eu-west-1.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region: eu-west-1c
date: Thu, 20 Apr 2023 06:53:15 GMT
strict-transport-security: max-age=931536000; includeSubDomains
server: envoy
vary: Origin
access-control-allow-origin: https://www.state-journal.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 23 KB
7 KB 139ms
139ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: ceb731414616837d5947ccd22c0f009ddc9cc7b4730a4932f9debde250e9c471

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:15 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:09 GMT
server: AmazonS3
x-amz-request-id: 9QCGKY52RGCAFFHH
etag: "9e580ab6dfd6f2042f90670df9f979b9"
x-amz-server-side-encryption: AES256
x-hw: 1681973595.cds259.fr8.hn,1681973595.cds154.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 7092
x-amz-id-2: WRgNXgs3YvX/5PAtiD4ldJ+Hwg2mZQhizWnvHCn71uuf/Du9aKNlM0GRfT4sEX1lP1vg98OJSI8=

GET
H2 200 defaultWidget.delivery.js Show response
assets.revcontent.com/master/ 17 KB
6 KB 144ms
143ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 8bf4eaf0907b9b67cc992b414b8e1a1a3ed634d910a6ec4842f08fcc06b1aab9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:15 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:07 GMT
server: AmazonS3
x-amz-request-id: 9QCW6Z40VKXP1PCR
etag: "39222c6f1c5d8ed1567028794b96a78f"
x-amz-server-side-encryption: AES256
x-hw: 1681973595.cds259.fr8.hn,1681973595.cds280.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 6238
x-amz-id-2: EXYxHH+d/HAm70Kh9UqQGrN90/XJVcolkbzCax2goMouIQ5CzL0kb0hN4JZnoAzQcCjcTNK9EC0=

GET
H2 200 commonModal.delivery.js Show response
assets.revcontent.com/master/ 3 KB
2 KB 151ms
151ms Script
application/x-javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/commonModal.delivery.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: e3b51420d0d2ec905c232e07b8c28926305a18268dbc98e5134b0d172e0f340c

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:15 GMT
content-encoding: gzip
last-modified: Fri, 14 Apr 2023 14:15:06 GMT
server: AmazonS3
x-amz-request-id: 9QCW6D1QXRBQ1VH2
etag: "4edf14e0d4b88a88795237f9870e408b"
x-amz-server-side-encryption: AES256
x-hw: 1681973595.cds259.fr8.hn,1681973595.cds002.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=600
accept-ranges: bytes
content-length: 1666
x-amz-id-2: 5xFdIO9/zv5tPcN/Uw4zL+6+g2PU/LL/DraxUi/2Hpzr265g3mhg9SqNPO2TRwoI1rDuhcHWevo=

GET
H2 200 /
img.revcontent.com/ 1 KB
1 KB 781ms
137ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
last-modified: Thu, 02 Jun 2022 15:22:42 GMT
etag: "1654183362"
x-hw: 1681973596.cds135.fr8.hn,1681973596.cds260.fr8.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1351

POST
H2 200 publisher:getClientId Show response
ampcid.google.ge/v1/ 3 B
372 B 534ms
141ms XHR
application/json 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.ge/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.state-journal.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ge/adsid/ 107 B
531 B 518ms
142ms Script
application/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ge/adsid/integrator.js?domain=www.state-journal.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 697ms
145ms Script
application/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.state-journal.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 130 KB
28 KB 520ms
520ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=872668161087704&correlator=1334061830536279&eid=31072879%2C31073971%2C31070232&output=ldjh&gdfp_req=1&vrg=202304110101&ptt=17&impl=fifs&iu_parts=132916964%3A1613683%2Cstate-journal.com%2Csponsored&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90%7C300x250%7C2x1%2C2x1%2C728x90%7C970x90%2C970x90%7C728x90&fluid=height%2C0%2C0%2C0&ifi=1&adks=1953149353%2C1034830900%2C751978533%2C3538995217&sfv=1-0-40&prev_scp=pos%3Dfixed_automatic_ad%2Cfixed_automatic_ad1%26amznbid%3D2%26amznp%3D2%7Cpos%3Dimpact-top%26amznbid%3D2%26amznp%3D2%7Cpos%3Dleaderboard-top%26amznbid%3D2%26amznp%3D2%7Cpos%3Dsticky-anchor%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=browser%3DChrome%26asset_id%3Df6c484f2-f08a-11eb-8d91-7fd3422fcd66%26k%3Dcrash%2520victim%26page%3Dasset%252Carticle%252Capp-editorial&sc=1&cookie_enabled=1&abxe=1&dt=1681973595695&lmt=1629740075&dlt=1681973592933&idt=1864&adxs=315%2C799%2C230%2C315&adys=1199%2C0%2C620%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.state-journal.com%2Fsponsored%2F10-legitimate-sites-to-buy-instagram-followers-securely%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&frm=20&vis=1&psz=1140x1%7C1600x1%7C1140x90%7C1600x-1&msz=1140x0%7C1600x1%7C1140x90%7C1600x-1&fws=4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600&ga_vid=1873232917.1681973596&ga_sid=1681973596&ga_hid=1827415295&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073971

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

917682ab21e5f84ad5f775e67d283cbdd01e019e20dc37bc17092b1dee91ab50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28153
x-xss-protection: 0
google-lineitem-id: 6259135885,-2,6267639335,6266916193
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138428051182,-2,138429176635,138429176047
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.state-journal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
92d69d0db2d01ee9e86c7eedec615607.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AE53 6 KB
3 KB 423ms
138ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://92d69d0db2d01ee9e86c7eedec615607.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js?cb=31073971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.state-journal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 06:53:16 GMT
expires: Fri, 19 Apr 2024 06:53:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

iu3 Show response
aax-eu.amazon-adsystem.com/s/ Frame A069
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&dcc=t

333 B
1 KB

328ms
328ms

Document
text/html

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&dcc=t

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

1549672fcf872a82a89518f33a7c3b0c91b64b5cea4320f7b7655c163bdb255a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.state-journal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 333
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 20 Apr 2023 06:53:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 76GVGCJQD965Y5Q9ESXG

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Apr 2023 06:53:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 7C56MKM6JWCG6P7RD7EA

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 2 KB
2 KB 421ms
138ms Image
image/png 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
last-modified: Wed, 12 Apr 2023 19:12:49 GMT
etag: "1681326769"
x-hw: 1681973596.cds125.fr8.hn,1681973596.cds337.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=28
accept-ranges: bytes
content-length: 2091

GET
H2 200 ad77b7c69b61ff951953628b76e8ddad.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 14 KB
14 KB 416ms
139ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ad77b7c69b61ff951953628b76e8ddad.jpeg

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

12ab488b7c6b85c938979a2e4c26e5f0cb704641850e7a51e58391e4936afdeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Tue, 05 Jul 2022 17:02:07 GMT
server: Cloudinary
etag: "58de95df793b704f18b2d7d2f98f934d"
x-hw: 1681973596.cds097.fr8.hn,1681973596.cds242.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=1;start=2022-07-05T17:22:05.625Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 14160

GET
H2 200 d9081606fbb02bc96d987560c9186c1a.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 21 KB
21 KB 513ms
239ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/d9081606fbb02bc96d987560c9186c1a.jpeg

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

23b29275e5fd8e4bcaab36866c8876101466870fb19b350ef0b78bd36fefdb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Fri, 01 Jul 2022 12:45:11 GMT
server: Cloudinary
etag: "48a7fd936bfb0f248f58ea9f992e3114"
x-hw: 1681973596.cds097.fr8.hn,1681973596.cds017.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=1;start=2022-08-09T07:50:52.113Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 21054

GET
H2 200 63fea81ac9bc39-71640898.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 8 KB
8 KB 498ms
226ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/63fea81ac9bc39-71640898.jpg

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

cloudflare /

Resource Hash

0434a5df0a3b4ac5c9a49a19930876fc343901ed6a0de034c92cc13282e5c85a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cloudflare;dur=484;start=2023-03-01T02:18:27.196Z;desc=miss,rtt;dur=1;cloudinary;dur=19;start=2023-03-01T02:18:27.615Z
content-length: 8350
last-modified: Wed, 01 Mar 2023 02:16:05 GMT
server: cloudflare
etag: "4067f2b5ca75abdeefb541a89c7800a0"
x-hw: 1681973596.cds097.fr8.hn,1681973596.cds156.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 7a0de8cfe8b937c8-FRA
timing-allow-origin: *

GET
H2 200 643d72348cd2f0-43511046.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 12 KB
12 KB 476ms
206ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/643d72348cd2f0-43511046.jpg

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

cloudflare /

Resource Hash

af0cacb8d33363ac3fbc4eeff75bb55e5a1cc057b126f32ea71e3290cc0b5f6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: cld-cloudflare;dur=122;start=2023-04-18T08:45:00.455Z;desc=miss,rtt;dur=1;cloudinary;dur=20;start=2023-04-18T08:45:00.507Z
content-length: 12111
last-modified: Tue, 18 Apr 2023 08:44:12 GMT
server: cloudflare
etag: "5f59aa6aedb12c353566d2a47742f870"
x-hw: 1681973596.cds097.fr8.hn,1681973596.cds163.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
cf-ray: 7b9ba10dca8439d4-FRA
timing-allow-origin: *

GET
H2 200 6304e201c40aa7-49317722.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 12 KB
13 KB 555ms
287ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/6304e201c40aa7-49317722.png

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

2147a998963cd1f3e7f67b3609ae0314a2967082e6aa15d9675c4fc025339f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Tue, 23 Aug 2022 16:48:45 GMT
server: Cloudinary
etag: "775ca070e6a10a9ac01b3b6496b339d9"
x-hw: 1681973596.cds097.fr8.hn,1681973596.cds253.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=3;cpu=0;start=2022-12-15T08:37:20.174Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 12699

GET
H2 200 604cf3a57812e8-27486575.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 10 KB
11 KB 542ms
275ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/604cf3a57812e8-27486575.jpeg

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

01b311ed63cc026ecca7673c5531608e5e7840b81256d485bf4994759c8cb937

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:15 GMT
server: Cloudinary
etag: "fc7ad231e79acdc5f109d8b5df1ddef3"
x-hw: 1681973596.cds097.fr8.hn,1681973596.cds120.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=115;cpu=0;start=2021-11-11T17:39:45.557Z;desc=miss,rtt;dur=0,cloudinary;dur=20;start=2021-11-11T17:39:45.606Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 10631

GET
H2 200 634fe991a564d8-72059781.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 8 KB
8 KB 261ms
261ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/634fe991a564d8-72059781.png

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

2fb12c7dd61c8eb56535807b6d42fe7e888962ba2ca8ad515e2afac63b228e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 12:09:56 GMT
server: Cloudinary
etag: "e5a81a0f62b58fec181a24f9522395dc"
x-hw: 1681973596.cds097.fr8.hn,1681973596.cds212.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=1;start=2023-01-06T12:06:15.339Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 8159

GET
H2 200 63bf9ccc27c275-59245665.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 9 KB
9 KB 270ms
270ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/63bf9ccc27c275-59245665.jpeg

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

fd1c2baeeb4b9c810473123f0a2ab8050fcac0e2d4432af2542fc49822751143

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Thu, 12 Jan 2023 06:19:04 GMT
server: Cloudinary
etag: "4601aee169741e60742cd37470a4b4d5"
x-hw: 1681973596.cds097.fr8.hn,1681973596.cds161.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=121;cpu=0;start=2023-01-12T06:20:52.010Z;desc=miss,rtt;dur=0,cloudinary;dur=30;start=2023-01-12T06:20:52.056Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 9336

GET
H2 200 63ca8db0c91ec5-68997158.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 15 KB
15 KB 281ms
281ms Image
image/jpeg 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/63ca8db0c91ec5-68997158.jpeg

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Cloudinary /

Resource Hash

02c558e07453e4766eea505e8e49e6409800f120c553ae1af14fd4c331276ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
last-modified: Fri, 20 Jan 2023 15:20:17 GMT
server: Cloudinary
etag: "3e17cbbc58edba43c9045d738b85887b"
x-hw: 1681973596.cds097.fr8.hn,1681973596.cds255.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=3;cpu=1;start=2023-01-20T15:23:23.153Z;desc=hit,rtt;dur=0
accept-ranges: bytes
timing-allow-origin: *
content-length: 15154

GET
H2 200 ajs-destination.bundle.2cd9e450202b69d545a3.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 133ms
132ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.2cd9e450202b69d545a3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27cf59f2f5b8446bbf81f4ed9bbea4fcbbece316e3655ade51da075cdc9962d4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 00:54:52 GMT
x-amz-version-id: jZ2L92raJDMf08tukXqdJ6aGBdPFzdTy
content-encoding: br
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1490305
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 26 Jan 2023 20:14:52 GMT
server: AmazonS3
etag: W/"cc39e85781964199cd0d9501c897e385"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: UVwrHzlnsjuhzD0FY_oRxFiX3fTE-saE88OwUyK2c2gh4UUOHJ0KqQ==

GET
H2 200 schemaFilter.bundle.d0fc84c62e956d168cce.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 131ms
131ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.d0fc84c62e956d168cce.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ac404a65bffee85a15718f669a44f5a034c94116661e6e0e48b1609f4a8617a

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 02:25:35 GMT
x-amz-version-id: VLQuST3Rg1zoSyN.SWag4b2R93Pv7oyc
content-encoding: br
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 8137662
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Jan 2023 00:06:36 GMT
server: AmazonS3
etag: W/"d6985af1d6ad9e8c2f97f24f7b27306e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: yOYDZgCcKipQjk_rhW7mdxSgH2iNUH7V5G_01v5D0xNeTXFeCwFBvw==

OPTIONS
H2 200 page-view
yeet.revcontent.com/yeet/events/ Frame 0
0 176ms
175ms Preflight 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.state-journal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
content-length: 0
date: Thu, 20 Apr 2023 06:53:16 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 6
x-rc-region: eu-west-1c

OPTIONS
H2 200 widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 433ms
432ms Preflight 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.state-journal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
content-length: 0
date: Thu, 20 Apr 2023 06:53:16 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 10
x-rc-region: eu-west-1c

POST
H2 204 page-view
yeet.revcontent.com/yeet/events/ 0
0 257ms
256ms Fetch 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: *
date: Thu, 20 Apr 2023 06:53:16 GMT
x-envoy-upstream-service-time: 19
server: envoy
vary: Origin

POST
H2 204 widget-loaded
yeet.revcontent.com/yeet/events/ 0
0 196ms
196ms Fetch 52.51.99.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.51.99.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-99-213.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: *
date: Thu, 20 Apr 2023 06:53:16 GMT
x-envoy-upstream-service-time: 27
server: envoy
vary: Origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 438ms
145ms XHR
text/plain 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-54716522-7&cid=1873232917.1681973596&jid=1289306770&gjid=663693242&_gid=919293913.1681973596&_u=YChAgUABAAQCAEAAI~&z=834840245

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Apr 2023 06:53:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.state-journal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
151 B 237ms
236ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1827415295&t=pageview&_s=1&dl=https%3A%2F%2Fwww.state-journal.com%2Fsponsored%2F10-legitimate-sites-to-buy-instagram-followers-securely%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&dp=%2Fsponsored%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&ul=en-us&de=UTF-8&dt=10%20Legitimate%20Sites%20to%20Buy%20Instagram%20Followers%20Securely%20%7C%20Sponsored%20%7C%20state-journal.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCjAAUABAAQCAGAAIAB~&jid=1833215119&gjid=1362477393&cid=1873232917.1681973596&tid=UA-68637122-1&_gid=919293913.1681973596&_r=1&_slc=1&gtm=45He34c0n71PDQV3N&z=339808748

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.state-journal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 229ms
229ms Image
image/gif 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&aip=1&a=1827415295&t=pageview&_s=1&dl=https%3A%2F%2Fwww.state-journal.com%2Fsponsored%2F10-legitimate-sites-to-buy-instagram-followers-securely%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&dp=%2Fsponsored%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&ul=en-us&de=UTF-8&dt=10%20Legitimate%20Sites%20to%20Buy%20Instagram%20Followers%20Securely%20%7C%20Sponsored%20%7C%20state-journal.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAgUABAAQCAAAAI~&jid=1289306770&gjid=663693242&cid=1873232917.1681973596&tid=UA-54716522-7&_gid=919293913.1681973596&gtm=45He34c0n71PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.state-journal.com%2Fsponsored%2F10-legitimate-sites-to-buy-instagram-followers-securely%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&cd15=3.155.0&cd16=true&cd17=Page%20View&cd20=f6c484f2-f08a-11eb-8d91-7fd3422fcd66&cm1=472&z=154459562

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:02:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17433
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5E78 2 KB
2 KB 134ms
133ms Image
image/png 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 02:01:19 GMT
x-content-type-options: nosniff
age: 103917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 26 Apr 2023 02:01:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5E78 15 KB
15 KB 139ms
139ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:06 GMT
x-content-type-options: nosniff
age: 159730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:06 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5E78 15 KB
15 KB 144ms
143ms Font
font/woff2 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 159732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:04 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 5E78 102 B
134 B 150ms
149ms Other
text/javascript 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=ka&v=6MY32oPwFCn9SUKWt8czDsDw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

ba3ce251d647430e7b8ee4820916a475d4d9c420d4ec0dd4e14176f9f4d84823

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdF3BEhAAAAAEQUmLciJe0QwaHESwQFc2vwCWqh&co=aHR0cHM6Ly93d3cuc3RhdGUtam91cm5hbC5jb206NDQz&hl=ka&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=b430t16yv83q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 06:53:16 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 37 KB
11 KB 151ms
150ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:26:46 GMT
content-encoding: gzip
via: 1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 22:36:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 19591
etag: W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: QdBtnvmKgWLgB9qacykNJzNN0wIv5D6utbCTrV1zlH9bTuHtjUi7RA==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 404ms
132ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:58:09 GMT
content-encoding: gzip
age: 129307
x-guploader-uploadid: ADPycdsDzJiSwyvy7v4dNQ2N4s3NvPoGb9go9GF4y0EXW9ZnX9PRuDafCuZDXbDH403UutOdt5eDzZZb2CtND1qRObs8ZA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Wed, 17 Apr 2024 18:58:09 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 144ms
143ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: E4WC8ZW8FRBSGGPP
age: 3379
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7bab78211fe53651-FRA
x-amz-id-2: TMsGokgS315E6FqOBpK9yhlvLe7KChSKw0QjhrjgzOykJJ1NA1RdC2F8KGuLwT24kR5DpOJ39SZBKc9KV8oH4w==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 505ms
234ms Script
application/javascript 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3595
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXrsZ7Mv7ph7h9XrgkDjM1lYy3TGAdYcI6dsS0rLCINuNoDjFyTgsjX74%2FtmC1btXPQNuQoFFTY5P%2BsvZan08jxMfKVsQDh53IBw6rKSwaZgTbVE2bNPNa5s2ifhqer1bRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7bab7822c9182c75-FRA

GET
H2 200 b-f140f48-8b19d3fb.js Show response
tagan.adlightning.com/townnews/ Frame 8F45 77 KB
29 KB 211ms
210ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0e87af47a13553e099e608e39a835bd145b145665ba8dd1143d5678c112dd3b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 23:34:36 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-version-id: ZSilk9X9RZ0R79qY9f4EjmCDCBneUEbu
x-amz-cf-pop: FRA60-P4
age: 1322321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29237
x-amz-meta-git_commit: f140f48
last-modified: Tue, 24 Jan 2023 18:42:51 GMT
server: AmazonS3
etag: "50a39e0b06ded9208e411eb2960faa09"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: I4xfJWBdMpGcqQ4Nmq1TvcDl-6pmUmGks6zrZL-GgzQTtolGKJOMcg==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F45 159 KB
49 KB 450ms
174ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 06:53:16 GMT

GET
H2 200 b-f140f48-8b19d3fb.js Show response
tagan.adlightning.com/townnews/ Frame B5EF 77 KB
29 KB 165ms
165ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0e87af47a13553e099e608e39a835bd145b145665ba8dd1143d5678c112dd3b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 23:34:36 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-version-id: ZSilk9X9RZ0R79qY9f4EjmCDCBneUEbu
x-amz-cf-pop: FRA60-P4
age: 1322321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29237
x-amz-meta-git_commit: f140f48
last-modified: Tue, 24 Jan 2023 18:42:51 GMT
server: AmazonS3
etag: "50a39e0b06ded9208e411eb2960faa09"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: BHcTmlHcCI2AB4OnWIZ9Q_PHtGhP_BHEkUFzRTjjaivC4dY9SuIzaA==

GET
H2 200 3922720498486411817
tpc.googlesyndication.com/simgad/ Frame B5EF 38 KB
38 KB 553ms
276ms Image
image/jpeg 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3922720498486411817

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

9014d93c86e52426a8c8ccf7227a1a3cb6171146fccb168c07c9cd7981bb8141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:26:36 GMT
x-content-type-options: nosniff
age: 5200
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38560
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:21:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Apr 2024 05:26:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame B5EF 22 KB
9 KB 496ms
219ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:22:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame B5EF 3 KB
1 KB 552ms
275ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:22:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5EF 159 KB
49 KB 628ms
400ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 06:53:16 GMT

GET
H2 200 b-f140f48-8b19d3fb.js Show response
tagan.adlightning.com/townnews/ Frame 1DEF 77 KB
29 KB 142ms
141ms Script
application/javascript 18.66.147.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-119.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0e87af47a13553e099e608e39a835bd145b145665ba8dd1143d5678c112dd3b

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 23:34:36 GMT
content-encoding: gzip
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-version-id: ZSilk9X9RZ0R79qY9f4EjmCDCBneUEbu
x-amz-cf-pop: FRA60-P4
age: 1322321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29237
x-amz-meta-git_commit: f140f48
last-modified: Tue, 24 Jan 2023 18:42:51 GMT
server: AmazonS3
etag: "50a39e0b06ded9208e411eb2960faa09"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: cyt4kJQ1bgG7wODm2c6nghSNOe-2S1RnXWuTCqZXvKUVUae4dfZOOg==

GET
H2 200 13147747557605514872
tpc.googlesyndication.com/simgad/ Frame 1DEF 54 KB
55 KB 582ms
347ms Image
image/jpeg 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13147747557605514872

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

3684c01ac71090704adc5937d7992a669fb3e07bb1f32481672f221f0c276c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55711
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 15:16:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Apr 2024 06:53:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame 1DEF 22 KB
9 KB 455ms
220ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:22:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 1DEF 3 KB
1 KB 510ms
276ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:22:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DEF 159 KB
49 KB 571ms
385ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 06:53:16 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 155ms
146ms XHR
text/plain 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-68637122-1&cid=1873232917.1681973596&jid=1833215119&gjid=1362477393&_gid=919293913.1681973596&_u=YCjAAUABAAQCAGAAIAB~&z=552964409

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Apr 2023 06:53:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.state-journal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 survicate.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/survicate/1.0.3/ 31 KB
8 KB 140ms
140ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/survicate/1.0.3/survicate.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b4834d2f44f07a9da65dd002108da7f574827f3bfadfc55d5885ae5d48169ef

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 05:56:18 GMT
content-encoding: gzip
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-version-id: iGAq2MGKhCK26PNs0WmuIbUpnoUv7qQg
x-amz-cf-pop: FRA6-C1
age: 2509019
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 7696
last-modified: Wed, 08 Feb 2023 17:50:06 GMT
server: AmazonS3
etag: "6e9c384e02a329217f6eacce8a8af979"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: 8ChMjJ-WkX-UdaHAuHR5XrsFD3Qwg3FYGzA_-kShzPLcGo2B4Dc1HA==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
617 B 524ms
179ms XHR
application/json 52.31.6.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.6.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-6-231.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 77ab2e5081c3eaf2933aaa01b21eec298568dd1d91fb4d97f03cdf3ab4a4a1af

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:16 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.state-journal.com
cache-control: no-cache
x-server: 10.45.23.95
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
330 B 434ms
141ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.state-journal.com
date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H/1.1 200 914.json Show response
id5-sync.com/g/v2/ 575 B
1 KB 422ms
142ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/914.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

09897905ec48432f0a886e41e5515838502b21bf0edc7035896692102ca8fa36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.state-journal.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8F45 0
0 176ms
175ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstn01vYHSmfCf9WxovbnL2uiU16KvFTXkmqmo9DOFZoGAQmuEQgVvloSXK5A01N66LC0e-we7bfVxhzs6BNyyZ2CPXDL7cvAXQtWen0rZlfda7cQ_pe4KR4aJE5bzMA5R9pww-g5YoLLEKVFo45FXPvDJfe2EUAZN7VU5YIpPeFkxeDmdin0p6mnQCnz2e5yRik-2SO2yFR_3efr1xNHcP7nQ6CwqmoxLZ6s3nCKrzXRldwbhD42LjZxix8Xab5E5ltK5bKFzz45DZOCH6mO403GOGDUWGoD9rj4byiFgArCzuSXJ7s45mgQeehLv_GeUu8qajeW6lcUkdYg8ORkzQY4OckKHPuYQ&sai=AMfl-YRA-IPDOd61KSdp_hTH-CRjvpugkMs-vMjV73aGXSQ3BEKeAvyl6o9_2txfytJF-Ux2kyiIak-P_XduZsdNZTxkDKn-QNoEdyyFpU4s1jBlZHpZqtgzn60_AU5CwK-r--jQH0O9FRVaTw-7fyuz&sig=Cg0ArKJSzFe4LgU779dDEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Apr 2023 06:53:16 GMT

GET
H2 200 reveal.e5d561a6b71aa2730a07fa90f5f4f6d6.js Show response
bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/templates/ Frame 8F45 8 KB
2 KB 141ms
141ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/templates/reveal.e5d561a6b71aa2730a07fa90f5f4f6d6.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

648020d63cb5cdaf56ba54fcbc03fcab9edeaeba50c2fd630ef777fe715a6441

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 61044
cross-origin-resource-policy: cross-origin
last-modified: Fri, 07 Apr 2023 20:23:42 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64307bce-1e51"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7bab7823c8622bd6-FRA
expires: Wed, 17 Apr 2024 05:00:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B5EF 0
0 176ms
176ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzmMl_miRNr6bYR0cxlhS1EVSnFWI_cEBw4slvOpvWif19F2xxmTiawJOnODrmy7a5j3Gu7MrmREG-O8j1geQ8NFF-zPhU4Gc_4roWZKrHDDwmCt8dF3mocoaLj6iCai038HQGjfZHVDvFf9wYPV_L1pzGTXU8zgu6Qp6nVQC8E3DblvF45rhjIMQYb5sxhyYfLdvjOvWX_MKPx4V-l4Cjbol3rfatW-Zv8uyKncTkNlvh7vznSu6bXzr5qKeTN5Zh1nsBeWFRVHdslPRU3woysWm0G5h5T_wHKgIXZJzmj1f75M53sQAoxN1FzfF6SlAZ642-eXMalVAK6XaLMjLihPYxyUSvR1s&sai=AMfl-YT4xoAPvi9NcZSoBuUQWvgNdoC3IL5zWu5T1rGwf5Ctr6HaHKItlGywsjV5SL69669GYMh4C_puIa4Ak8oouBiRAEQtunZfm_h3VYzrvE0dn3RiEC9UeaxInv1q8y5Fw4hHS5g9hfhuhzCSWUd2&sig=Cg0ArKJSzH02fCQXwv-ZEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Apr 2023 06:53:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1DEF 0
0 179ms
179ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFNO8pgRo5BvLCuJS6lwWpLzUCjYa4smeKM4-zFJB8rCySD1ZcKUbM6P8gUexduSjl5qJAQqdfbyqhZKBpDHN_FRfxhNYhUXdqJw6pa8rtkbhnV89VaWImfA9raVJNqjQpdq6lNBF93pEHWpb01XBTu8UOhfbwP6xbj19jLOhfATL8DrNO4n2DHXtmaCc13ypDzsbxE9E7Iscg0PnO1ESKlU6yNDBsTINgZicGiR1pvIJ5T4F6xajAJ_dNmFpcp8AZHPlT7ykDfrrbS7k18YbKLMCljFMIhQICQw36dFaOmCQqf9VrcWPvEu5h4D03YzQwh3F-2tyLdlrBVnDwDK8LI8Oy_GbXvA&sai=AMfl-YSDkE3CeAuvSkkOmK4V49dCVFS8hjHgTvyklQ-65an8BdTu5jNPcBT6oCHZ50QAfHcMcKGJseTkowMCYEoqVal0F2JKq-OuSckdjIMzt40LT1rpdeNnCpQr7kyGfMV5tl6vJ758aBYAALPCIjME&sig=Cg0ArKJSzNrxisPHEXI3EAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK pr Show response
aax-eu.amazon-adsystem.com/s/v3/ Frame 7628 2 KB
3 KB 173ms
173ms Document
text/html 52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

a7513ec7dfbbc4581b05203ecda10a9f1f3afeb5b08cc21d1b8bf730cbba5b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 2202
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 20 Apr 2023 06:53:17 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: NV7KC16E00SFKD826XX4

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 146ms
146ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 05:25:55 GMT
content-encoding: gzip
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-version-id: _CDAHRpSMnFhUQgRIVvCIby4N2cITv0X
x-amz-cf-pop: FRA6-C1
age: 91643
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Mon, 17 Apr 2023 06:44:02 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: SOy7AcmQMJ3EEA59QUYcQIhvTY0nX9fNDb7DtM1E4sLvQP99N3D2pA==

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 659ms
254ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.state-journal.com%2F&domain=www.state-journal.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.state-journal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.state-journal.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 20 Apr 2023 06:53:17 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 316926
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
254 B 625ms
235ms XHR
application/json 35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001kQgaMAAS&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 06:53:17 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.state-journal.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
380 B 445ms
148ms XHR
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.state-journal.com%2F&domain=www.state-journal.com&cw=1&lsw=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.state-journal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 262783
expires: 0

POST
H/1.1 200 1285.json Show response
id5-sync.com/g/v2/ 569 B
1 KB 142ms
142ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1285.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

1f58132b127c1028047f71d399a109b7dbba44548092dbeb95639cc9a71462a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 06:53:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.state-journal.com
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 75 B
827 B 204ms
179ms XHR
application/json 52.214.4.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.4.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-4-83.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ce1ddf5fb93c722173734afdbd9006a376d85fb11c563cca430517e357e85227

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:17 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.state-journal.com
cache-control: no-cache
x-server: 10.45.10.12
access-control-allow-credentials: true
content-length: 75
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
547 B 546ms
182ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 039531dacfe46efdbc406eda5bb586ca70c248e4e94f625f63c8feb911de6f09

Request headers

Referer: https://www.state-journal.com/
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 06:53:17 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.state-journal.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sat, 20 May 2023 06:53:17 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.state-journal.com%2Fsponsored%2F10-legitimate-sites-to-buy-instagram-followers-securely%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.state-journal.com%2Fsponsored%2F10-legitimate-sites-to-buy-instagram-followers-securely%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&rid=esp&...

85 B
203 B

276ms
276ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.state-journal.com%2Fsponsored%2F10-legitimate-sites-to-buy-instagram-followers-securely%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&rid=esp&cc=1
Requested by: Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 6ff78545e0e513db89a850988c089c5ed4f371cd0e667061f60b9c3450c8d04e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:17 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-/HHID10ZuV5W14WmS/VN5D6IwSg"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.state-journal.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 20 Apr 2023 06:53:17 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.state-journal.com
location: /esp?url=https%3A%2F%2Fwww.state-journal.com%2Fsponsored%2F10-legitimate-sites-to-buy-instagram-followers-securely%2Farticle_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame 8F45 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20116361e4dc5ad4d3b096976ac6279585cfc9b72afbca86d425e798f018c146

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B5EF 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd461931f2231bc1a65c157e7e3d90d2c9ff4a68dec3a9796a6b65a12d09454e

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1DEF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb2526a26db3e491ab2e1b0dcf682611cc22601adfb2642ea62df2cd977b4142

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 412ms
142ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/state-journal.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/templates/reveal.e5d561a6b71aa2730a07fa90f5f4f6d6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2332532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3279
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0UOOwlkD2IiGukl2KIMJKtBnXbAoo4z%2BQz2wL9gI3OMpiYZ3nMor6uumjJRsA9eCT%2BJIQfFBjpbCTm5%2FqGBuWaXfjXnJfKrOIBXz%2BIZGlWXLm5q02S8k%2FmZL%2BLnFq%2BRcahgWGkN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7bab7827be5fbb8f-FRA
expires: Tue, 09 Apr 2024 06:53:17 GMT

GET
H2

200

4260371618706363555
tpc.googlesyndication.com/simgad/
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODqwJCyDxABGAEyCEZZxkMXmqzV
https://tpc.googlesyndication.com/simgad/4260371618706363555

2 MB
2 MB

136ms
135ms

Image
image/gif

142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4260371618706363555

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

70200b84b388a81d210720f722e77ed48454a951564ed60b01d24a0890f44793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:43:31 GMT
x-content-type-options: nosniff
age: 18586
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1768163
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 20:07:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Apr 2024 01:43:31 GMT

Redirect headers

date: Wed, 19 Apr 2023 10:03:33 GMT
x-content-type-options: nosniff
server: cafe
age: 74984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/4260371618706363555
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 10:03:33 GMT

GET
H2

200

10034664907787425390
tpc.googlesyndication.com/simgad/
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODqwKi6_AEQARgBMgjWEXc6SardWQ
https://tpc.googlesyndication.com/simgad/10034664907787425390

495 KB
496 KB

402ms
402ms

Image
image/gif

142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10034664907787425390

Requested by

Host: www.state-journal.com
URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html

Protocol

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

a3f4c99817988d50aad922705fb263c40e4dcea3b06476bd1aff1ac4c3f7dce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 05:53:34 GMT
x-content-type-options: nosniff
age: 176383
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 507346
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 20:13:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 17 Apr 2024 05:53:34 GMT

Redirect headers

date: Wed, 19 Apr 2023 10:03:33 GMT
x-content-type-options: nosniff
server: cafe
age: 74984
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/10034664907787425390
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 May 2023 10:03:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8F45 0
0 171ms
171ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss71Bu1qoBuepjlLGDj2nZDBl5usxSQnXNi_vJ-Q1e7fJ2nLU12dHASiws7Ix4jLuJF7bZNP5BZc0-xNlv7hYWBdsRcNndPmjYxr4oRURpmWznNnH-GXflCkNg51wU7SswEs4cGTrbbXmfhA7vlixLQn-QW7Q2-D_mdNZ2XUcO-qe07pA1anSwlWMb7T6rGeYp06KxfTGjmEzB2K9dLC1NvEfmizOk_7ze6iLAxkjn0zLy7Niwp6HTg4Qm5MG51knuY_7CDa2MZMHIashuE78sfRGQS39WH5faqkubJlEhO3VsCNFLmWNt8B86AvtnIleghwolceTB0vi0_LtqR7e9rZ32UJ3oXee6F&sai=AMfl-YRR9ASe3zFsNVZ18ic7oHlmNoESDehXihk6QKDl-aG-OuyOGnagLZ4hEijP_yWOS_NocavWpTBVHh2nfDwfIPAFfDyDwRyKqNTSKZyFQ5zMLVKu-C5E60bLTFqg1mDIslpJEczHB9mcn5qsvoNJ&sig=Cg0ArKJSzCEGgBSxuN6hEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Apr 2023 06:53:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1DEF 0
0 171ms
171ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHWGYkPGRbXHDyeu5Ejl1fVX_6KOA9pc6LOBiGg2aIAGdVPFsQyEl-if0Xk_gRYuiqaPVJeui25lwKPiATJ5_SYqg0NQf74phMJBTCWuHAmDh_ZBvZN-ruJkUc0nx-C9E9MlCuT3BNfA9lLWkrHPA2wH2ev3BA4J87W1Z8MJG0VhobCWhN6JsFegh-p0Dab45V4sFY9Zl3U4qC_dNfqufzFZz-LIxiXq68AzCX8lM4FhW-GXg60-CypDaI_WOwZk2v8goneP1ZCPy85T6yJzrXIWDb6HHhzWvXwSI76zaWFPafabsFtjNcaRpb6yJhGNjiB7RdB1eu6yvcu4XMGQjTp63Y4lYS_Zjs&sai=AMfl-YS8qOfevrSKyfyixAAmQxtgdeuo-bQOn84xejI72Ksw3UIDCKAI2XpjI1sYZ5sk32oDt1KloRQDZWhZvt4FMAikB3ed-I__iRK9FfsRJ4MIeNRA8QjsmXjKNA99bNMy3Ov3WPUhRtBL_1WZQg2V&sig=Cg0ArKJSzH7MNPIwj2UVEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Apr 2023 06:53:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B5EF 0
0 395ms
395ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvypI_qM2oJgklK5Om1Lg5Uwrf3YBdgFXlQ50QcF80sOqSuyFECwGGpL2ygBEtPjrAtGaTKeTN9TWGFXHNNWLdzVw48m0ymiiICqwjHmaj9MTV8IsTuvmDFitgZcY1aDxF5ws2aJ1u4kyzlGMnGdBY2WXYcOxtt5sZMw1f8T-R9gysRZuZhofhKtwfEKthqBWcbXUHvSD_l4iZugI4WDaQBTyllaGnMJApHBk7Snj3yhU1HsfkoeuiqgxLzVYSqBOB8E44w6j0fYJeEQpaOf6ecOavE3vkn3nR722LXUokLBGjFFdu8DrpSzXoTnX2NUORogxxkll-q8pGR0-7lrRYuOGj7jmauxAGmxA&sai=AMfl-YQsZgbhoy-mWA9mG_tHNSJ29MI4VGcXackF7VeBQ4-T8pznliTswLDk4MqE2BPANbPwpTJUTiZ6om5GRAHlaCdsB5zhsZrFJ2TNfrdM2-hnVzlHZWNOIqV1Y9yR8qTwJDEsPWaH8GDfWfr0te5O&sig=Cg0ArKJSzFindbXgT2TOEAE&uach_m=[UACH]&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Apr 2023 06:53:17 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7628
Redirect Chain

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3249751974268110000V10

43 B
479 B

174ms
170ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3249751974268110000V10

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:18 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WS0SK957J873QEJAKTVC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:17 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=media.net&id=3249751974268110000V10
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Thu, 20 Apr 2023 06:53:17 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7628
Redirect Chain

https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
https://s.amazon-adsystem.com/ecm3?id=AAAqpE7IgcMAACERSaqrtA&ex=beeswax.com

43 B
479 B

4105ms
232ms

Image
image/gif

52.46.151.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=AAAqpE7IgcMAACERSaqrtA&ex=beeswax.com

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.151.131 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: G6MM8GTQVDFJRB4F33ZM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=AAAqpE7IgcMAACERSaqrtA&ex=beeswax.com
Date: Thu, 20 Apr 2023 06:53:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7628
Redirect Chain

https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&s=2
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=a4rFNdZ8iiLi955nBoAC

43 B
479 B

175ms
175ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=a4rFNdZ8iiLi955nBoAC

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:19 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 0F1D7XTWR4KHA78WYY4W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:19 GMT
Content-Type: text/html; charset=utf-8
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=a4rFNdZ8iiLi955nBoAC
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 108
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 web_surveys.js Show response
survey.survicate.com/workspaces/02044958792d6a6ac6f173c470836c89/ 74 KB
8 KB 993ms
303ms Script
application/javascript 143.244.49.180
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.survicate.com/workspaces/02044958792d6a6ac6f173c470836c89/web_surveys.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.49.180 Los Angeles, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

143-244-49-180.bunnyinfra.net

Software

BunnyCDN-LA1-900 /

Resource Hash

35bdbe550a0b73a63126ed6a4dd40fbbdbb08dcbd099e114fbc2d5b6ee7b6256

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https://surveys-static.survicate.com; connect-src https://respondent.survicate.com; img-src https://*; font-src https://surveys-static.survicate.com https://use.typekit.net https://fonts.gstatic.com; report-to csp-endpoint-survey;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:18 GMT
x-amz-version-id: i5ITLhE9HUA7KupE7DbAoVke.A5qNdHP
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cdn-edgestorageid: 953
content-security-policy: default-src 'self' 'unsafe-inline' https://surveys-static.survicate.com; connect-src https://respondent.survicate.com; img-src https://*; font-src https://surveys-static.survicate.com https://use.typekit.net https://fonts.gstatic.com; report-to csp-endpoint-survey;
x-amz-request-id: 30CSY916B2YP0HJ4
cdn-cachedat: 04/20/2023 06:37:11
cdn-pullzone: 1158558
x-amz-id-2: k7Wn28/5MAHTHVCEmva0fdLBDhC/nNJ7GJp5Nb4UKeGJOxDDkDnwza5fVJ//kr/XRG2zpcgrv0A=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 20 Apr 2023 06:35:02 GMT
server: BunnyCDN-LA1-900
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"98a732fab0e472ea974f09037e91672c"
vary: Accept-Encoding, Accept-Encoding
report-to: { "group": "csp-endpoint-survey", "max_age": 10886400, "endpoints": [{ "url": "https://panel-api.survicate.com/_/report_csp/survey" }] }
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 039640c0-4b09-428d-a0ae-513ccdd44502
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=300
cdn-requestid: 21715b05bb4ffc50e5c1851ff9c9fcdc
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 amzns2s Show response
rtb.gumgum.com/usync/ Frame FC61 4 KB
2 KB 506ms
166ms Document
text/html 54.170.101.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.101.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-101-76.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf64e9e795b77947b2b070eee23941d5f63b4ef680535456af4f449c3da68934

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 20 Apr 2023 06:53:17 GMT
etag: W/"02b343a5701c6b778aaed6a49e1d8c54b"
server: nginx
timing-allow-origin: *

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0DE2 281 B
554 B 819ms
134ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Apr 2023 06:53:17 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2

200

cm Show response
u.openx.net/w/1.0/ Frame 5141
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...

626 B
698 B

151ms
150ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 69ef09908da292f03524261d84aba8a5397f82ed2f2de4bd5c8556837b7ea001

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 395
content-type: text/html
date: Thu, 20 Apr 2023 06:53:18 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 20 Apr 2023 06:53:17 GMT
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 2DA1
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=2
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4341145328816995831&gdpr=0&gdpr_consent=

43 B
479 B

177ms
177ms

Document
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4341145328816995831&gdpr=0&gdpr_consent=

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 20 Apr 2023 06:53:19 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: XCGYGXZAQJ70MTXYPH7B

Redirect headers

content-length: 0
date: Thu, 20 Apr 2023 06:53:18 GMT
location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4341145328816995831&gdpr=0&gdpr_consent=

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame EAAA
Redirect Chain

https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=220ac3fd90e21ed8&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAJFleBV2-M3gNYxifBAAAAAAA&expiration=1682060001&is_secure=true

43 B
479 B

914ms
231ms

Document
image/gif

52.46.151.131

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAJFleBV2-M3gNYxifBAAAAAAA&expiration=1682060001&is_secure=true

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 20 Apr 2023 06:53:21 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: CQ5NDTARQTZ4GCC5NW1G

Redirect headers

cache-control: no-cache, private, max-age=0, no-store
content-length: 0
date: Thu, 20 Apr 2023 06:53:21 GMT
expires: 0
location: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAJFleBV2-M3gNYxifBAAAAAAA&expiration=1682060001&is_secure=true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma: no-cache
server: nginx

GET
H/1.1

200
OK

ecm3 Show response
aax-eu.amazon-adsystem.com/s/ Frame 8AD9
Redirect Chain

https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://aax-eu.amazon-adsystem.com/s/ecm3?id=731950065115987141&ex=appnexus.com

43 B
479 B

174ms
174ms

Document
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?id=731950065115987141&ex=appnexus.com

Requested by

Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_rbd_n-MediaNet_n-Beeswax_ox-db5_smrt_cnv_an-db5_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 20 Apr 2023 06:53:17 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 3YDC5SKWQTY2E7KZR27A

Redirect headers

AN-X-Request-Uuid: 120c7818-0c78-42c0-9783-c95dd959973c
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Apr 2023 06:53:17 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=731950065115987141&ex=appnexus.com
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 91.239.206.185; 91.239.206.185; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FC61
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=731950065115987141

35 B
250 B

1953ms
168ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=731950065115987141
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:20 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Date: Thu, 20 Apr 2023 06:53:18 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.239.206.185; 91.239.206.185; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 098687a1-dbf4-40d5-8c45-764c8bbabdf1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://usersync.gumgum.com/usersync?b=apn&i=731950065115987141
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FC61
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a5406bf1-9915-4dbb-9a58-46421c96b761&gdpr=&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_a5406bf1-9915-4dbb-9a58-46421c96b761&gdpr=&gdpr_consent=&us_privacy=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6ea1152e-6e2b-49c5-bc68-416075f9578a
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=6ea1152e-6e2b-49c5-bc68-416075f9578a
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=aa825f42-8c7d-42d0-9595-a1498937e4dc&user_group=1&ssp=gumgum2&bsw_param=6ea1152e-6e2b-49c5-bc68-416075f9578a
https://usersync.gumgum.com/usersync?b=bsw&i=6ea1152e-6e2b-49c5-bc68-416075f9578a&gdpr=&gdpr_consent=&us_privacy=

35 B
250 B

929ms
173ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=6ea1152e-6e2b-49c5-bc68-416075f9578a&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:20 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: //usersync.gumgum.com/usersync?b=bsw&i=6ea1152e-6e2b-49c5-bc68-416075f9578a&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 20 Apr 2023 06:53:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame FC61
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28PyHmzm6gUrb6W4bR-9UenqhDC2DisIu-hjkkXMM_aUVLhppl07HciBHCapA8UXNK%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_a5406bf1-9915-4dbb-9a58-46421c96b761&obuid=ENC(PyHmzm6gUrb6W4bR-9UenqhDC2DisIu-hjkkXMM_aUVLhppl07HciBHCapA8UXNK)
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D...
https://sync.outbrain.com/cookie-sync?p=smart&uid=4341145328816995831&obUid=PyHmzm6gUrb6W4bR-9UenqhDC2DisIu-hjkkXMM_aUVLhppl07HciBHCapA8UXNK&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privac...

0
145 B

230ms
229ms

Image
text/plain

64.202.112.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=smart&uid=4341145328816995831&obUid=PyHmzm6gUrb6W4bR-9UenqhDC2DisIu-hjkkXMM_aUVLhppl07HciBHCapA8UXNK&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Server: 64.202.112.255 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 06:53:21 GMT
Cache-Control: no-cache
X-TraceId: 2531425e5c202565b845287b06a6d1d8
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=smart&uid=4341145328816995831&obUid=PyHmzm6gUrb6W4bR-9UenqhDC2DisIu-hjkkXMM_aUVLhppl07HciBHCapA8UXNK&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
date: Thu, 20 Apr 2023 06:53:20 GMT
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FC61
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=a64d6baf-d602-41e3-8fdf-996713849b85

35 B
250 B

1832ms
167ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=a64d6baf-d602-41e3-8fdf-996713849b85
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:19 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 20 Apr 2023 06:53:18 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=a64d6baf-d602-41e3-8fdf-996713849b85
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FC61
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-9c69e4cc-d34a-5730-75b6-7fc8ff15b83b$ip$91.239.206.185

35 B
250 B

167ms
167ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-9c69e4cc-d34a-5730-75b6-7fc8ff15b83b$ip$91.239.206.185
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:21 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-9c69e4cc-d34a-5730-75b6-7fc8ff15b83b$ip$91.239.206.185
Date: Thu, 20 Apr 2023 06:53:21 GMT
Connection: keep-alive
Content-Length: 128
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FC61
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-44ep42JE2pcxpjMfhq3H6xWaiq.7C_OaBgFv~A

35 B
250 B

885ms
168ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-44ep42JE2pcxpjMfhq3H6xWaiq.7C_OaBgFv~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:20 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Thu, 20 Apr 2023 06:53:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-44ep42JE2pcxpjMfhq3H6xWaiq.7C_OaBgFv~A
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FC61
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
https://usersync.gumgum.com/usersync?b=vnt&i=66cc4550-5559-4ed2-9e6f-d9bb8cd7cb41

35 B
250 B

169ms
168ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=66cc4550-5559-4ed2-9e6f-d9bb8cd7cb41
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:21 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=66cc4550-5559-4ed2-9e6f-d9bb8cd7cb41
Date: Thu, 20 Apr 2023 06:53:21 GMT
Connection: keep-alive
X-CI-RTID: 1bdc07d2-355a-4218-8289-5ee5be2e7abc
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET services
sync.technoratimedia.com/ Frame FC61 0
0

GET
H2 200 142
match.deepintent.com/usersync/ Frame FC61 0
44 B 1918ms
215ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:19 GMT
content-length: 0
server: c

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FC61
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a5406bf1-9915-4dbb-9a58-46421c96b761&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=lrrGdJIPXAayPrDLJnS6&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVWHE4SHMRFESUCYIFQXSUDSIRGEU3STGY
https://usersync.gumgum.com/usersync?b=zem&i=lrrGdJIPXAayPrDLJnS6

35 B
250 B

833ms
167ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&i=lrrGdJIPXAayPrDLJnS6
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:20 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:19 GMT
Content-Type: text/html; charset=utf-8
Location: https://usersync.gumgum.com/usersync?b=zem&i=lrrGdJIPXAayPrDLJnS6
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 92
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FC61
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=4c80d205-59ee-4e3d-b982-bf4578b38a1b

35 B
250 B

306ms
167ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=4c80d205-59ee-4e3d-b982-bf4578b38a1b
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:20 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=4c80d205-59ee-4e3d-b982-bf4578b38a1b
access-control-allow-origin: *
date: Thu, 20 Apr 2023 06:53:20 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FC61
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=Tuh1Cs6sQhG9&ev=1&pid=558355

35 B
250 B

173ms
173ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=Tuh1Cs6sQhG9&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:20 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: ka-GE
location: https://usersync.gumgum.com/usersync?b=pln&i=Tuh1Cs6sQhG9&ev=1&pid=558355
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6995c68ccb-flrtm
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame FC61
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=4341145328816995831

35 B
250 B

636ms
452ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=4341145328816995831
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:20 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=4341145328816995831
date: Thu, 20 Apr 2023 06:53:19 GMT
content-length: 0

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame FC61 43 B
479 B 169ms
169ms Image
image/gif 52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_a5406bf1-9915-4dbb-9a58-46421c96b761

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://rtb.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WRG3ECYZCFSJG1047NA9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 004D
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=90bd6440-e15e-4700-b87e-4e2600bc7adc&gdpr=&gdpr_consent=

35 B
250 B

1289ms
169ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=90bd6440-e15e-4700-b87e-4e2600bc7adc&gdpr=&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 20 Apr 2023 06:53:19 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 20 Apr 2023 06:53:18 GMT
Expires: Thu, 20 Apr 2023 06:53:17 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 830 785530e master zrh-pixel-x27 config_version:"unknown"
location: https://usersync.gumgum.com/usersync?b=mmh&i=90bd6440-e15e-4700-b87e-4e2600bc7adc&gdpr=&gdpr_consent=

GET
H/1.1 400
Bad Request user-sync Show response
sync.adkernel.com/ Frame 3D1D 21 B
191 B 451ms
147ms Document
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 43e96d451b13a80f769c106908376c94b31beb9aac6566498c5c60f0059ca4f1

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 21
Date: Thu, 20 Apr 2023 06:53:18 GMT
Pragma: no-cache
Server: nginx

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 0F1A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZEDhXgAEEQCmTgAp
https://usersync.gumgum.com/usersync?b=atm&i=ZEDhXgAEEQCmTgAp&gdpr=&gdpr_consent=&_test=ZEDhXgAEEQCmTgAp

35 B
250 B

962ms
167ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=ZEDhXgAEEQCmTgAp&gdpr=&gdpr_consent=&_test=ZEDhXgAEEQCmTgAp
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 20 Apr 2023 06:53:19 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Thu, 20 Apr 2023 06:53:18 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=ZEDhXgAEEQCmTgAp&gdpr=&gdpr_consent=&_test=ZEDhXgAEEQCmTgAp
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-sof1510026-SOF
x-timer: S1681973599.597461,VS0,VE0

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame D2F2 170 B
409 B 3561ms
213ms Document
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hNTQwNmJmMS05OTE1LTRkYmItOWE1OC00NjQyMWM5NmI3NjE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 06:53:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1F15 16 KB
6 KB 143ms
140ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=23489
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 20 Apr 2023 06:53:17 GMT
expires: Thu, 20 Apr 2023 13:24:46 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 376D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
https://usersync.gumgum.com/usersync?b=ttd&i=ded3a212-523d-400a-89f7-8eaef19a9026

35 B
250 B

1400ms
168ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=ttd&i=ded3a212-523d-400a-89f7-8eaef19a9026
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 20 Apr 2023 06:53:19 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: private,no-cache, must-revalidate
content-length: 193
content-type: text/html
date: Thu, 20 Apr 2023 06:53:17 GMT
location: https://usersync.gumgum.com/usersync?b=ttd&i=ded3a212-523d-400a-89f7-8eaef19a9026
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame AB9B
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=ZEDhX8Co8XcAAGT3aXMAAAAA

35 B
250 B

173ms
168ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=ZEDhX8Co8XcAAGT3aXMAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 20 Apr 2023 06:53:20 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Apr 2023 06:53:19 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=ZEDhX8Co8XcAAGT3aXMAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 17
X-SO-Cluster-ID: 0
X-SO-HostName: m-ad257.dc4p.scaleout.jp
X-SO-IP: 91.239.206.185
X-SO-Key: ZEDhX8Co8XcAAGT3aXMAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"91.239.206.185","key":"ZEDhX8Co8XcAAGT3aXMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad257"}
X-SO-LB-Hostname: m-tgng19.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad257

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 4CA2
Redirect Chain

https://cs.admanmedia.com/sync/gumgum?puid=e_a5406bf1-9915-4dbb-9a58-46421c96b761&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
https://usersync.gumgum.com/usersync?b=aad&i=50e95d93-e04d-4ca2-8731-6875b9a59ba2

35 B
250 B

536ms
168ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=aad&i=50e95d93-e04d-4ca2-8731-6875b9a59ba2
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 20 Apr 2023 06:53:19 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Thu, 20 Apr 2023 06:53:18 GMT
Expires: 0
Location: https://usersync.gumgum.com/usersync?b=aad&i=50e95d93-e04d-4ca2-8731-6875b9a59ba2
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Transfer-Encoding: chunked
X-Frame-Options: DENY

GET usermatchredir
ssum-sec.casalemedia.com/ Frame 72A8 0
0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 7680
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=wnmS99AdHkPXf6htW2wp&pi=gumgum&tc=1

35 B
250 B

300ms
167ms

Document
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=wnmS99AdHkPXf6htW2wp&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 20 Apr 2023 06:53:19 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Thu, 20 Apr 2023 06:53:19 GMT Thu, 20 Apr 2023 06:53:19 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=wnmS99AdHkPXf6htW2wp&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 9CDD
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

134ms
134ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://rtb.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Apr 2023 06:53:19 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 20 Apr 2023 06:53:19 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 59A9 520 B
664 B 165ms
159ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e2837c3b2d065a458f956604095393eb5beabaf7f6e452d2ba12fd8b50049840

Request headers

Referer: https://www.state-journal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 330
content-type: text/html
date: Thu, 20 Apr 2023 06:53:18 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0DE2 34 KB
10 KB 147ms
146ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9913c33a626e3a9ebb59b6b677aea2bace5f1a7e577f8865afcfd7740f8f50b8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 06:53:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Apr 2023 05:16:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=80564
Connection: keep-alive
Content-Length: 10019
Expires: Fri, 21 Apr 2023 05:16:02 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1F15 2 KB
3 KB 1490ms
146ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83376938&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 4436d2a53ff611951739bef7075f443d1fac4bf89f754ef4217853fa6eb326c4

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 20 Apr 2023 06:53:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 p-25CIknq_eSg16.gif
cms.quantserve.com/pixel/ Frame 59A9 35 B
373 B 1002ms
482ms Image
image/gif 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 59A9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4528129390394644311

43 B
106 B

157ms
151ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4528129390394644311
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:20 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4528129390394644311
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 59A9
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=5170cfdf-fe17-79b5-e8a4-898adbd49ac3&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ded3a212-523d-400a-89f7-8eaef19a9026&ttd_puid=5170cfdf-fe17-79b5-e8a4-898adbd49ac3&gdpr=0&gdpr_consent=

43 B
62 B

145ms
145ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ded3a212-523d-400a-89f7-8eaef19a9026&ttd_puid=5170cfdf-fe17-79b5-e8a4-898adbd49ac3&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:18 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ded3a212-523d-400a-89f7-8eaef19a9026&ttd_puid=5170cfdf-fe17-79b5-e8a4-898adbd49ac3&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 59A9 170 B
232 B 3307ms
218ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=N2QxZjFjMTUtMzc2MC0yNzExLWZkNDQtZDMzMzExMzY1NGEz

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 59A9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO3ypUYf4P70JsYYnEevdg8&google_cver=1

43 B
61 B

146ms
145ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO3ypUYf4P70JsYYnEevdg8&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO3ypUYf4P70JsYYnEevdg8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B5EF 42 B
404 B 448ms
169ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNSm8k95-RI5BHiTmSHBIMmd6CQhd066-Hgw5Qe8wv_kszPa90Pp-VnDxRJ8EdNqgKUJkLriHqNdshZmlZq9CUDOvdCLQ-Wg9igWAl4k7vFIOw_658&sig=Cg0ArKJSzCS6Ip8vbtJxEAE&id=lidar2&mcvt=1001&p=620,436,710,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230419&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=751978533&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681973596359&rpt=796&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1DEF 42 B
108 B 446ms
169ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6-dZcEBY5BHMHjPe-YnZ6FpzkMlP_WtcmpZLrcMPfDsYoE4p8iZ-1jbcNgVa-knhsf301u2PBtlyOhJIi0k3E6dfZhBDp0QBm4Z1TKRFC8sm416JC&sig=Cg0ArKJSzEguW3lSwsbgEAE&id=lidar2&mcvt=1004&p=1110,436,1200,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230419&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3538995217&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681973596401&rpt=736&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/b-f140f48-8b19d3fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0DE2 284 B
934 B 808ms
138ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5141 43 B
479 B 190ms
169ms Image
image/gif 52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=4fd6a144-509d-8623-9a8c-89121101256f

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:18 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GMR6CF55SMFW06JC8XNA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 p-25CIknq_eSg16.gif
cms.quantserve.com/pixel/ Frame 5141 35 B
372 B 923ms
483ms Image
image/gif 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 5141
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3983137759761416126

43 B
172 B

156ms
149ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3983137759761416126
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:20 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3983137759761416126
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 5141
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=1700dd39-4c37-3dd9-5a82-0b857932ee8f&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ded3a212-523d-400a-89f7-8eaef19a9026&ttd_puid=1700dd39-4c37-3dd9-5a82-0b857932ee8f&gdpr=0&gdpr_consent=

43 B
62 B

154ms
154ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ded3a212-523d-400a-89f7-8eaef19a9026&ttd_puid=1700dd39-4c37-3dd9-5a82-0b857932ee8f&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:18 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ded3a212-523d-400a-89f7-8eaef19a9026&ttd_puid=1700dd39-4c37-3dd9-5a82-0b857932ee8f&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 5141 170 B
232 B 3237ms
222ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2I2ZjBlZjMtODU0MC02MzdkLTRmNjItNTEzY2IzZDAyMGVm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 5141
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO3ypUYf4P70JsYYnEevdg8&google_cver=1

43 B
61 B

143ms
143ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO3ypUYf4P70JsYYnEevdg8&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO3ypUYf4P70JsYYnEevdg8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fonts.css
surveys-static.survicate.com/fonts/ 10 KB
2 KB 2165ms
294ms Stylesheet
text/css 143.244.49.179
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys-static.survicate.com/fonts/fonts.css

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.49.179 Los Angeles, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

143-244-49-179.bunnyinfra.net

Software

BunnyCDN-LA1-899 /

Resource Hash

bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://www.state-journal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'
content-encoding: br
cdn-edgestorageid: 1002
x-amz-request-id: ABEWDMYFN2YANP5Q
cdn-cachedat: 03/19/2023 14:02:11
cdn-pullzone: 1133799
x-amz-id-2: jEQ1GPgPhWieyeW8N2FJICMCCk0ellECicBhTQQO6GM42N7Ro76blzkCWQ0NRlWRK/YZXfkMYiI=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Apr 2022 12:02:06 GMT
server: BunnyCDN-LA1-899
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"175a0d0343589473e72c6e512936d749"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 039640c0-4b09-428d-a0ae-513ccdd44502
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=604800
cdn-requestid: e3d88383442314ee5c412baefe5ce7db
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget_core-18.2.2.js Show response
surveys-static.survicate.com/ 304 KB
85 KB 2149ms
288ms Script
application/x-javascript 143.244.49.179
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys-static.survicate.com/widget_core-18.2.2.js

Requested by

Host: survey.survicate.com
URL: https://survey.survicate.com/workspaces/02044958792d6a6ac6f173c470836c89/web_surveys.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.49.179 Los Angeles, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

143-244-49-179.bunnyinfra.net

Software

BunnyCDN-LA1-899 /

Resource Hash

df1c840642c886bcb8dd1dc2c355c5edfa172602ee2c7fd38c454dcb1acb0973

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.state-journal.com/
Origin: https://www.state-journal.com
accept-language: ka-GE,ka;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self'
content-encoding: br
x-amz-request-id: EHCTSVWN3H6ZVY63
cdn-pullzone: 1133799
x-amz-meta-codebuild-content-md5: 47b853e2e583c6be304bbf6408cb5add
referrer-policy: strict-origin-when-cross-origin
cdn-proxyver: 1.03
etag: W/"b7650b9ff5d48385a0419d03fd922644"
x-frame-options: DENY
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=604800
x-amz-meta-codebuild-content-sha256: 8f6d8dbab9b5c3ccab82d1346b60965dd65abb90119b77f552ada9456f21b515
cdn-cache: HIT
cdn-requestcountrycode: GE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date: Thu, 20 Apr 2023 06:53:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 998
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:121050345386:build/ServiceSurveysStaticBuildAs-HG6JoJVHsH3E:9f92b7d1-e8d1-46a9-bc42-7dbe2bba3ca4
cdn-cachedat: 04/18/2023 13:04:52
x-amz-id-2: UtF5oUMSb2jZxugRZ/li1gDsI+a23gNx8UqxFuu2+ylj0+qCAzE8B03+urKJqMPYOIc1g8W5Rk8=
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Apr 2023 13:02:25 GMT
server: BunnyCDN-LA1-899
cdn-requestpullcode: 200
access-control-max-age: 3600
cdn-uid: 039640c0-4b09-428d-a0ae-513ccdd44502
cdn-requestid: 36b96f9247137b5f8de514faadb678b8
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0DE2
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LGORNIYR-1G-IRR9
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LGORNIYR-1G-IRR9&ex=d-rubiconproject.com&status=ok

43 B
479 B

168ms
168ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?id=LGORNIYR-1G-IRR9&ex=d-rubiconproject.com&status=ok

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VHRYXT9ZBJN2S96709TR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://aax-eu.amazon-adsystem.com/s/ecm3?id=LGORNIYR-1G-IRR9&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0DE2
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6gs07k90QZ6AYJTfzxPAcw&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6gs07k90QZ6AYJTfzxPAcw

43 B
479 B

162ms
162ms

Image
image/gif

52.94.223.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6gs07k90QZ6AYJTfzxPAcw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu

Protocol

HTTP/1.1

Server

52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:20 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 107JBS9FK9K25NVQ5KQN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=6gs07k90QZ6AYJTfzxPAcw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 0DE2 43 B
855 B 3285ms
244ms Image
image/gif 52.46.151.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:22 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 351ZH12TECVH0MVC910Q
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0DE2
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/srodtfjh2a_AdOpwQo9blcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HFZLsupE2oIhaDxhdgv_wtV7.IwjSjRZ1gLcHA--~A

42 B
691 B

1193ms
140ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HFZLsupE2oIhaDxhdgv_wtV7.IwjSjRZ1gLcHA--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 20 Apr 2023 06:53:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-HFZLsupE2oIhaDxhdgv_wtV7.IwjSjRZ1gLcHA--~A
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0DE2
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGVjMzE0MzQ3ZDE5NGM3NmEzZjRjMzBiODNhYzNkMzliM2U1OGM5Nw

170 B
232 B

2053ms
214ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGVjMzE0MzQ3ZDE5NGM3NmEzZjRjMzBiODNhYzNkMzliM2U1OGM5Nw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGVjMzE0MzQ3ZDE5NGM3NmEzZjRjMzBiODNhYzNkMzliM2U1OGM5Nw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 0DE2
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGORNIYR-1G-IRR9

0
512 B

906ms
388ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGORNIYR-1G-IRR9
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:19 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8DD35BA9318E46E49A3324ED2E5315C3 Ref B: VIEEDGE3406 Ref C: 2023-04-20T06:53:20Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX5vv73MNpjloTc7Vw4rA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGORNIYR-1G-IRR9
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0DE2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENlpPuFBciAxS2VmicW2D3M&google_cver=1

42 B
691 B

144ms
143ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENlpPuFBciAxS2VmicW2D3M&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENlpPuFBciAxS2VmicW2D3M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0DE2
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdPUk5JWVItMUctSVJSOQ==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIUF380Bkwj0Z2WWuz_7kqg&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdPUk5JWVItMUctSVJSOQ==&google_push=

170 B
232 B

146ms
145ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdPUk5JWVItMUctSVJSOQ==&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdPUk5JWVItMUctSVJSOQ==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0DE2
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ded3a212-523d-400a-89f7-8eaef19a9026&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

1320ms
141ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ded3a212-523d-400a-89f7-8eaef19a9026&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:19 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ded3a212-523d-400a-89f7-8eaef19a9026&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0C26
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:90bd6440-e15e-4700-b87e-4e2600bc7adc&gdpr=0&gdpr_consent=

42 B
553 B

432ms
143ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:90bd6440-e15e-4700-b87e-4e2600bc7adc&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Apr 2023 06:53:19 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 20 Apr 2023 06:53:19 GMT
Expires: Thu, 20 Apr 2023 06:53:18 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 830 785530e master zrh-pixel-x13 config_version:"unknown"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:90bd6440-e15e-4700-b87e-4e2600bc7adc&gdpr=0&gdpr_consent=

GET

Pug
image2.pubmatic.com/AdServer/ Frame 0CF0
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588524343237384

0
0

GET
H2

200

usersync.aspx Show response
widget.eu.criteo.com/dis/ Frame 15B2
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...

43 B
363 B

451ms
152ms

Document
image/gif

178.250.1.9

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 06:53:21 GMT
expires: Thu, 20 Apr 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 203000
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

Redirect headers

content-length: 0
date: Thu, 20 Apr 2023 06:53:21 GMT
location: https://widget.eu.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
server: Kestrel
server-processing-duration-in-ticks: 117425
strict-transport-security: max-age=31536000; preload;

GET pubmatic
d5p.de17a.com/getuid/ Frame EC86 0
0

GET
H2 200 p-5aWVS_roA1dVM.gif Show response
cms.quantserve.com/pixel/ Frame 7E82 35 B
261 B 134ms
134ms Document
image/gif 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
content-type: image/gif
date: Thu, 20 Apr 2023 06:53:19 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=86400

GET
H/1.1 200 usersync Show response
usersync.gumgum.com/ Frame 4467 35 B
250 B 390ms
168ms Document
image/gif 34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=pbm&i=646C06DB-DCA8-4E46-8F20-CA7A635104F7
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: ka-GE,ka;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Thu, 20 Apr 2023 06:53:19 GMT
Expires: 0
Pragma: no-cache

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1F15
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZGwG29yoTkaPIMp6Y1EE9w%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

4 KB
4 KB

143ms
143ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:21 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=23485
accept-ranges: bytes
content-length: 5554
expires: Thu, 20 Apr 2023 13:24:46 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 qmap
sync.crwdcntrl.net/ Frame 1F15 49 B
264 B 210ms
201ms Image
image/gif 52.214.4.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=646C06DB-DCA8-4E46-8F20-CA7A635104F7&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.4.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-4-83.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.0.99
content-length: 49
expires: 0

GET

cr
cr.frontend.weborama.fr/ Frame 1F15
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=755270068

0
0

GET match
a.audrte.com/ Frame 1F15 0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1F15
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjQ2QzA2REItRENBOC00RTQ2LThGMjAtQ0E3QTYzNTEwNEY3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

151ms
143ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Apr 2023 06:53:19 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1F15
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPdso639q9JTK28nNU7bThg&google_cver=1

42 B
376 B

152ms
143ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPdso639q9JTK28nNU7bThg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Apr 2023 06:53:20 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPdso639q9JTK28nNU7bThg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 1F15 43 B
610 B 3561ms
214ms Image
image/gif 35.204.158.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 19 Apr 2023 06:53:23 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1F15
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5673281508958538268

42 B
243 B

143ms
143ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5673281508958538268
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Apr 2023 06:53:19 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5673281508958538268
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1F15
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ded3a212-523d-400a-89f7-8eaef19a9026&gdpr=0&gdpr_consent=

42 B
277 B

376ms
144ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ded3a212-523d-400a-89f7-8eaef19a9026&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Apr 2023 06:53:19 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 06:53:19 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=ded3a212-523d-400a-89f7-8eaef19a9026&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9CDD 34 KB
10 KB 184ms
183ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9913c33a626e3a9ebb59b6b677aea2bace5f1a7e577f8865afcfd7740f8f50b8

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 06:53:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Apr 2023 05:16:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=80563
Connection: keep-alive
Content-Length: 10019
Expires: Fri, 21 Apr 2023 05:16:02 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 9CDD
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LGORNIYR-1G-IRR9
https://usersync.gumgum.com/usersync?b=mag&i=LGORNIYR-1G-IRR9

35 B
250 B

167ms
166ms

Image
image/gif

34.247.233.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=mag&i=LGORNIYR-1G-IRR9
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Server: 34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Thu, 20 Apr 2023 06:53:20 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://usersync.gumgum.com/usersync?b=mag&i=LGORNIYR-1G-IRR9
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 1F15 0
260 B 504ms
157ms Script
text/plain 185.64.190.81

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ka-GE,ka;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:53:21 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trends.revcontent.com
URL: https://trends.revcontent.com/api/demand/?w=217056

Domain: trends.revcontent.com
URL: https://trends.revcontent.com/sync

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=13781

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588524343237384

Domain: d5p.de17a.com
URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

Domain: cr.frontend.weborama.fr
URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=755270068

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=646C06DB-DCA8-4E46-8F20-CA7A635104F7

Verdicts & Comments Add Verdict or Comment

279 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.state-journal.com/	1970-01-20 11:56:05	Name: _pbjs_userid_consent_data Value: 3524755945110770
.state-journal.com/	1970-01-20 15:32:05	Name: _pubcid Value: bc98be28-e091-4377-a783-71937c46612a
.state-journal.com/	1970-01-20 11:12:57	Name: AMP_TOKEN Value: %24NOT_FOUND
.state-journal.com/	1970-01-20 20:48:53	Name: _ga Value: GA1.2.1873232917.1681973596
.state-journal.com/	1970-01-20 11:14:19	Name: _gid Value: GA1.2.919293913.1681973596
.state-journal.com/	1970-01-20 11:12:53	Name: _dc_gtm_UA-54716522-7 Value: 1
.state-journal.com/	1970-01-20 11:12:53	Name: _gat_UA-68637122-1 Value: 1
.state-journal.com/	1970-01-20 20:34:29	Name: __gads Value: ID=cb27d5310baff989:T=1681973595:S=ALNI_MYSx81y7CWpOIyKq5jkBbFtCGp4TQ
.state-journal.com/	1970-01-20 20:34:29	Name: __gpi Value: UID=00000c068f6f731c:T=1681973595:RT=1681973595:S=ALNI_Mazhivz0SU5lD9ajXuEQILY21i_wQ
.state-journal.com/	1970-01-20 11:12:53	Name: lotame_domain_check Value: state-journal.com
.amazon-adsystem.com/	1970-01-20 17:21:31	Name: ad-id Value: A66uiyE9bUwpmvQB-K9VQP8
.amazon-adsystem.com/	1970-01-20 20:48:53	Name: ad-privacy Value: 0
www.state-journal.com/	1970-01-20 11:12:57	Name: _lr_retry_request Value: true
www.state-journal.com/	1970-01-20 11:56:05	Name: _lr_env_src_ats Value: false
.doubleclick.net/	1970-01-20 20:48:53	Name: IDE Value: AHWqTUmtkLEJuZKEgBXtrh9L8Kh_qIPd5zPZkwMAUUDrOxMbLnqI7dW7z72_BYnhQJU
.crwdcntrl.net/	1970-01-20 17:41:38	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 17:41:38	Name: _cc_id Value: 8d4124039dc163d5beab7ee16ff0264b
.state-journal.com/	1970-01-20 17:41:41	Name: _cc_id Value: 8d4124039dc163d5beab7ee16ff0264b
.id5-sync.com/	1970-01-20 13:22:29	Name: id5 Value: a6cac205-c612-7f38-b549-594acdc8190d#1681973596875#2
.crwdcntrl.net/	1970-01-20 17:41:41	Name: _cc_cc Value: "ACZ4XmNQsEgxMTQyMTC2TEk2NDNOMU1KTUwyT001NEtLMzAyM0liAIIUh4exIBoKAFcYCuw%3D"
.crwdcntrl.net/	1970-01-20 17:41:41	Name: _cc_aud Value: "ABR4XmNgYGBIcXgYC6SgAAAXVQHj"
.state-journal.com/	1970-01-20 11:14:19	Name: panoramaId_expiry Value: 1682059997115
.adsrvr.org/	1970-01-20 19:59:55	Name: TDID Value: ded3a212-523d-400a-89f7-8eaef19a9026
www.state-journal.com/	1970-01-20 12:39:17	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22ded3a212-523d-400a-89f7-8eaef19a9026%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-04-20T06%3A53%3A17%22%7D
.adnxs.com/	1970-01-20 13:22:29	Name: uuid2 Value: 731950065115987141
.gumgum.com/	1970-01-20 19:58:29	Name: vst Value: e_a5406bf1-9915-4dbb-9a58-46421c96b761
.media.net/	1970-01-20 19:58:29	Name: visitor-id Value: 3249751974268110000V10
.openx.net/	1970-01-20 11:34:29	Name: pd Value: v2\|1681973598\|gen0vNiygu
.bidr.io/	1970-01-20 20:41:27	Name: bito Value: AAAqpE7IgcMAACERSaqrtA
.bidr.io/	1970-01-20 20:41:27	Name: bitoIsSecure Value: ok
.openx.net/	1970-01-20 19:58:29	Name: i Value: c4ace260-e5b0-022e-0054-c36d1d15dd72\|1681973597
.mathtag.com/	1970-01-20 20:38:48	Name: uuid Value: 90bd6440-e15e-4700-b87e-4e2600bc7adc
.bidswitch.net/	1970-01-20 19:58:29	Name: tuuid Value: 6ea1152e-6e2b-49c5-bc68-416075f9578a
.bidswitch.net/	1970-01-20 19:58:29	Name: c Value: 1681973598
.bidswitch.net/	1970-01-20 19:58:29	Name: tuuid_lu Value: 1681973598
.openx.net/	1970-01-20 11:34:29	Name: univ_id Value: 537072971\|ded3a212-523d-400a-89f7-8eaef19a9026\|1681973598447596
.everesttech.net/	1970-01-20 19:58:29	Name: everest_g_v2 Value: g_surferid~ZEDhXgAEEQCmTgAp
.outbrain.com/	1970-01-20 13:22:29	Name: obuid Value: 5e74a964-7e91-44db-89fa-158c32226649
.zemanta.com/	1970-01-20 19:58:29	Name: zuid Value: a4rFNdZ8iiLi955nBoAC
.smartadserver.com/	1970-01-20 20:43:07	Name: pid Value: 4341145328816995831
.rubiconproject.com/	1970-01-20 19:58:29	Name: khaos Value: LGORNIYR-1G-IRR9
pool.admedo.com/	1970-01-20 19:58:29	Name: tuuid Value: aa825f42-8c7d-42d0-9595-a1498937e4dc
pool.admedo.com/	1970-01-20 19:58:29	Name: c Value: 1681973598
.quantserve.com/	1970-01-20 20:43:07	Name: mc Value: 6440e15e-a9bf8-42830-068bd
.admanmedia.com/	1970-01-20 11:33:03	Name: admtr Value: 50e95d93-e04d-4ca2-8731-6875b9a59ba2
.admanmedia.com/	1970-01-20 11:33:03	Name: ac_r Value: CS71
pool.admedo.com/	1970-01-20 19:58:29	Name: tuuid_lu Value: 1681973599
.creativecdn.com/	1970-01-20 19:58:29	Name: u Value: wnmS99AdHkPXf6htW2wp
.creativecdn.com/	1970-01-20 19:58:29	Name: ts Value: 1681973599
.bluekai.com/	1970-01-20 15:36:24	Name: bku Value: ikG99adCxsHShZ/K
.bluekai.com/	1970-01-20 15:36:24	Name: bkpa Value: KJhz06aFL09R9mO4yl5L6853F6rp5aP992RPWm6BAVuZNiNQeIfUnfFLLwmEjhFchVXOfyfdUXqCm/P9CfvGt8B5b8ehzoqoFIYc1Hp4kIDp/7hYxOYx4C4UtVtId1wmi2tTMyzYXGyIhcPtYWQdw4l5MQi/L2wDVl4dKjQ1Ys4PvfOi70kV+eJBrOnBM5sDUTHGbuUCkDM99a5jkjQd4MO8pDW6HGGqf6ukbHAgJ7H34kIou+RRkrXkWNKuullrYFnVuolJTAopMSVil4z93Qhnyy==
.pubmatic.com/	1970-01-20 19:58:29	Name: KADUSERCOOKIE Value: 646C06DB-DCA8-4E46-8F20-CA7A635104F7
.pubmatic.com/	1970-01-20 13:22:29	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 11:14:19	Name: pi Value: 0:2
.pubmatic.com/	1970-01-20 13:22:29	Name: DPSync3 Value: 1683158400%3A201_245_241_235
.pubmatic.com/	1970-01-20 13:22:29	Name: SyncRTB3 Value: 1683244800%3A35%7C1683158400%3A161_8_21_13_54_46_220_56_7
.yahoo.com/	1970-01-20 19:58:51	Name: A3 Value: d=AQABBF_hQGQCECRoSUB5WWsRPpDRt1NRjvIFEgEBAQEyQmRKZAAAAAAA_eMAAA&S=AQAAAowKF3PPb_lp9z5gSZo-BU0
.adsrvr.org/	1970-01-20 19:59:55	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCOCf-s--3eA7EAUSFwoIcHVibWF0aWMSCwictIjUvt3gOxAFGAEgASgCMgsInKyLgdXd4DsQBTgBWghwdWJtYXRpY2AC
.adform.net/	1970-01-20 11:56:05	Name: C Value: 1
.adform.net/	1970-01-20 12:39:17	Name: uid Value: 5673281508958538268
.socdm.com/	1970-01-20 20:48:53	Name: SOC Value: ZEDhX8Co8XcAAGT3aXMAAAAA
.pubmatic.com/	1970-01-20 11:56:05	Name: KRTBCOOKIE_27 Value: 16735-uid:90bd6440-e15e-4700-b87e-4e2600bc7adc&KRTB&16736-uid:90bd6440-e15e-4700-b87e-4e2600bc7adc&KRTB&23019-uid:90bd6440-e15e-4700-b87e-4e2600bc7adc&KRTB&23114-uid:90bd6440-e15e-4700-b87e-4e2600bc7adc
.pubmatic.com/	1970-01-20 11:56:05	Name: KRTBCOOKIE_377 Value: 6810-ded3a212-523d-400a-89f7-8eaef19a9026&KRTB&22918-ded3a212-523d-400a-89f7-8eaef19a9026&KRTB&23031-ded3a212-523d-400a-89f7-8eaef19a9026
.pubmatic.com/	1970-01-20 11:56:05	Name: KRTBCOOKIE_391 Value: 22924-5673281508958538268&KRTB&23263-5673281508958538268&KRTB&23481-5673281508958538268
.360yield.com/	1970-01-20 13:22:29	Name: tuuid Value: 4c80d205-59ee-4e3d-b982-bf4578b38a1b
.360yield.com/	1970-01-20 13:22:29	Name: tuuid_lu Value: 1681973600
.linkedin.com/	1970-01-20 19:58:29	Name: bcookie Value: "v=2&1aa66c25-1062-4db2-899c-7d9f8cb91fe9"
.linkedin.com/	1970-01-20 11:14:20	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2964:u=1:x=1:i=1681973600:t=1682060000:v=2:sig=AQFCOR9UG6asJGefTG1scg_P6DqxQCK3"
.contextweb.com/	1970-01-20 19:51:17	Name: V Value: Tuh1Cs6sQhG9
.contextweb.com/	1970-01-20 19:58:29	Name: pb_rtb_ev Value: 3-1k4p\|7bq.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: fe1692f449e3ea3d
.dotomi.com/	1970-01-20 11:12:53	Name: DotomiTest Value: 220ac3fd90e21ed8
.state-journal.com/	1970-01-20 19:58:29	Name: ajs_anonymous_id Value: 184ec930-35f1-47db-be80-e7807ab518a9
.rubiconproject.com/	1970-01-20 19:58:29	Name: audit Value: 1\|y6RyE1M3SQqNRJKqUK3As680Y5qsLJXrlztzsOfM7wztQKxMlrvSDqAxVBdtyFBIfjsjt3H1G/TqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.pubmatic.com/	1970-01-20 13:22:29	Name: KRTBCOOKIE_80 Value: 16514-CAESEPdso639q9JTK28nNU7bThg&KRTB&22987-CAESEPdso639q9JTK28nNU7bThg&KRTB&23025-CAESEPdso639q9JTK28nNU7bThg&KRTB&23386-CAESEPdso639q9JTK28nNU7bThg
.pubmatic.com/	1970-01-20 11:56:05	Name: PugT Value: 1681973600
sync.srv.stackadapt.com/	1970-01-20 19:58:29	Name: sa-user-id Value: s%3A0-9c69e4cc-d34a-5730-75b6-7fc8ff15b83b.YdyxK3rKqL0e5QVt3iN4dfR2KWhRsUAVDggb3Yc2XHE
sync.srv.stackadapt.com/	1970-01-20 19:58:29	Name: sa-user-id-v2 Value: s%3AnGnkzNNKVzB1tn_I_xW4O1vvzrk.OSjsAvlbazKSu9k29BCE%2BDiGzLjRrgZpd0dKKuNKRf8
.srv.stackadapt.com/	1970-01-20 19:58:29	Name: sa-user-id-v2 Value: s%3AnGnkzNNKVzB1tn_I_xW4O1vvzrk.OSjsAvlbazKSu9k29BCE%2BDiGzLjRrgZpd0dKKuNKRf8
.ipredictive.com/	1970-01-20 19:58:29	Name: cu Value: 66cc4550-5559-4ed2-9e6f-d9bb8cd7cb41\|1681973601554

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://tagan.adlightning.com/townnews/op.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
javascript	error	URL: https://www.state-journal.com/sponsored/10-legitimate-sites-to-buy-instagram-followers-securely/article_f6c484f2-f08a-11eb-8d91-7fd3422fcd66.html Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13781' from origin 'https://www.state-journal.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13781 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=&gdpr_consent=&ccpa= Message: Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

92d69d0db2d01ee9e86c7eedec615607.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.crwdcntrl.net
ads.pubmatic.com
adservice.google.com
adservice.google.ge
amazon-tam-match.dotomi.com
ampcid.google.com
ampcid.google.ge
api.rlcdn.com
assets.revcontent.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bloximages.newyork1.vip.townnews.com
c.amazon-adsystem.com
c1.adform.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.revcontent.com
cdn.segment.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
core.spreedly.com
cr.frontend.weborama.fr
creativecdn.com
cs.admanmedia.com
cs.media.net
d5p.de17a.com
dis.criteo.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
gum.criteo.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
images.revcontent.com
img.revcontent.com
lb.eu-1-id5-sync.com
lexicon.33across.com
lh3.googleusercontent.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
px.ads.linkedin.com
rtb.gumgum.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
stats.g.doubleclick.net
survey.survicate.com
surveys-static.survicate.com
sync-tm.everesttech.net
sync.adkernel.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tagan.adlightning.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trends.revcontent.com
u.openx.net
um.simpli.fi
us-u.openx.net
usersync.gumgum.com
widget.eu.criteo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.state-journal.com
x.bidswitch.net
yeet.revcontent.com
a.audrte.com
api.rlcdn.com
cr.frontend.weborama.fr
d5p.de17a.com
image2.pubmatic.com
ssum-sec.casalemedia.com
sync.technoratimedia.com
trends.revcontent.com
104.111.217.14
104.16.133.24
104.16.85.20
104.17.25.14
104.22.53.86
108.177.15.155
124.146.215.49
13.107.42.14
142.250.181.227
142.250.184.193
142.250.185.142
142.250.185.193
142.250.185.195
142.250.185.226
142.250.185.232
142.250.185.97
142.250.186.130
142.250.186.162
142.250.186.78
143.244.49.179
143.244.49.180
151.101.130.182
151.101.130.49
151.139.128.10
162.19.138.118
162.19.138.120
172.217.16.194
172.217.18.100
172.217.18.98
172.217.23.106
178.250.1.11
178.250.1.9
18.66.147.119
185.184.8.90
185.29.132.245
185.64.189.110
185.64.190.78
185.64.190.81
185.86.138.155
192.104.183.109
198.148.27.139
2.19.35.65
216.58.212.130
23.35.228.23
23.35.236.201
23.37.42.132
3.67.53.95
34.102.146.192
34.120.135.53
34.247.233.198
35.204.158.49
35.210.53.219
35.244.159.8
35.244.193.51
35.71.131.137
37.157.3.20
37.252.171.85
38.91.45.7
52.208.190.244
52.210.55.139
52.211.229.107
52.214.4.83
52.222.208.154
52.222.247.205
52.31.6.231
52.46.151.131
52.51.99.213
52.94.223.37
54.145.221.84
54.154.41.234
54.170.101.76
54.205.66.186
54.236.144.6
64.202.112.255
64.74.236.159
65.9.66.97
69.173.144.138
69.173.144.165
74.119.118.138
77.245.57.72
80.77.87.163
89.207.16.204
91.228.74.244
99.86.8.175
0141bdce01833d9d5834faec8e6c165c1b517b7fd38135b03256746e077f42f1
01b311ed63cc026ecca7673c5531608e5e7840b81256d485bf4994759c8cb937
021ad1922ab3b6e1d8da0ddb300425284daf76bab7c60e61451f42fb5fe3bc80
02c558e07453e4766eea505e8e49e6409800f120c553ae1af14fd4c331276ec5
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
039531dacfe46efdbc406eda5bb586ca70c248e4e94f625f63c8feb911de6f09
0434a5df0a3b4ac5c9a49a19930876fc343901ed6a0de034c92cc13282e5c85a
059bc42513157b8af9033f063157dffd7a9a1c6bbc9e4f2b3bc75d52be38863d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
09897905ec48432f0a886e41e5515838502b21bf0edc7035896692102ca8fa36
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d776de8e2c5bdd85baea6c563e8d39b7896bdcfcb0dc5c29333a9fb3f1b6480
12ab488b7c6b85c938979a2e4c26e5f0cb704641850e7a51e58391e4936afdeb
1549672fcf872a82a89518f33a7c3b0c91b64b5cea4320f7b7655c163bdb255a
177e7e00dcccb1627641e86c36f153f9e9a0ccbf3d87904f15a471f75a272bb6
180273012afa9551ba74d44a3a48f42f10b692ed23a5e35ef9b4a0758548a173
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bc728ed832fc895e2c5dc2e4cb961913ad05496eeed776d568370bb065e85f9
1d9ef2132dd32f85d055ba4447b7895e017e1fd2e8aa9a8aa54d05850ae60369
1e290fe7d19052faf0432be002c9d80f4f91179f775cd4b629b892a24cc7ff58
1f58132b127c1028047f71d399a109b7dbba44548092dbeb95639cc9a71462a0
20116361e4dc5ad4d3b096976ac6279585cfc9b72afbca86d425e798f018c146
2147a998963cd1f3e7f67b3609ae0314a2967082e6aa15d9675c4fc025339f39
21a4e261b3c98c9ab9cf3de0ad7c1d1ce420fd0c09f62c5a3b31adbae7bb7bdd
223fc8122a307637f83efd6b57fb96e0daf8795aaa98e431e83064efa65b4da3
23b29275e5fd8e4bcaab36866c8876101466870fb19b350ef0b78bd36fefdb88
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
27cf59f2f5b8446bbf81f4ed9bbea4fcbbece316e3655ade51da075cdc9962d4
2cc907a1e396d946635f947642fc795611c92a76a5f22a904b2b1ec3c0c954a5
2df373f0579aa7c6c99294140954d55fc8a147a11074697818ad4fd38f96ee20
2e2d9e035b60b9327b80160e2c7bd5bea17951235a6221398f698997b9583d0b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f6d43bca4c86c095c106e84cf4b63576e07a5d3d0ddd4d0b23939a34265738c
2fb12c7dd61c8eb56535807b6d42fe7e888962ba2ca8ad515e2afac63b228e9a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2
33d27a2237dd1e05c016cffdd6e7f19af210d5ab0f278a1090d0c342ee151a69
34fc4e7529fac73aeaa0c93e5d6c40dcf6dc896aa0df459fac69542fb8a2a547
35bdbe550a0b73a63126ed6a4dd40fbbdbb08dcbd099e114fbc2d5b6ee7b6256
3684c01ac71090704adc5937d7992a669fb3e07bb1f32481672f221f0c276c9c
3912c4e15d6da41881a29834b9e7ef397c52c001cbc95988e8ef553be185bc12
39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185
3b12dbbd8709866d74dbd778b744f8939c13ee01c3e4916bf3df6e3683ff0210
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe3ea9025aecb864f3674d6efb7f7b3265a0aeca803097888398202df9b425f
3ff549ba57ab7dc856cf8d80c4d6bd408a7b732be3de11d4b4807fd52f243ccf
43e96d451b13a80f769c106908376c94b31beb9aac6566498c5c60f0059ca4f1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4436d2a53ff611951739bef7075f443d1fac4bf89f754ef4217853fa6eb326c4
4530108a7846e31d33b46c776fcd52a54aa52c879577dee1cd75dbae68dc0585
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50846800868a535c1d2befa0b84738e08ac7013dd5628b4a2be94308d2caa1f1
51ced124ba89239e25f413a5d21bb59087d1e651b0ff2710a73097dff91d7407
5210732beb94bd3612a6c2e55a932532f265303a35a9fdd0ba234a4d92285ef2
538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59ed42970dc2f1c3ff5b8878100af234399f64dd4b67d8f1fb7e1fe5fc335138
5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6065cc42cf9789426f27a40563bc5c313b5ed33a7bc384c3ffaa0d047eb93ff2
614b14fb9dbc9f6655bdc677fe4dfaed8df7c9c46085acf368b597f9b29a492e
62864dfc09682e01eedffa6de15991cab27064828cb39a1831059ab9a7bb735b
6293e525b90238cae9d23d36d15ed64f780635d5a1736fff4ed5103e444af2fe
648020d63cb5cdaf56ba54fcbc03fcab9edeaeba50c2fd630ef777fe715a6441
64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7
673a0fb1e3cf02661361b70189d7329c8e51fbbadc1b6824748a1989c3e6d95b
69c27aac0b73c044f0ccdaff22fba6598fe3d304f77702d633c9f341f92e21e3
69ef09908da292f03524261d84aba8a5397f82ed2f2de4bd5c8556837b7ea001
6ac404a65bffee85a15718f669a44f5a034c94116661e6e0e48b1609f4a8617a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b48338e53b36b09c8e5ea8dbf46cf0afffab595738ca315f12e70672268b4c0
6b4834d2f44f07a9da65dd002108da7f574827f3bfadfc55d5885ae5d48169ef
6b4ce3d24306a3cee56d07eb3af0f6b7fc272f8813b06a801619ef730c497608
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d62a37fa40b7ab69397b5adb5424590a42bbeb26cac31b34e1dde4b5006c17f
6ea46a5fbd58b64120560f7920c88ba378bd997789c2a3866e1295acb4692552
6ff78545e0e513db89a850988c089c5ed4f371cd0e667061f60b9c3450c8d04e
70200b84b388a81d210720f722e77ed48454a951564ed60b01d24a0890f44793
702533d847cd3926bc7d2eaf1dede91f6725603bafb029755c02d2cda2bfab6e
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
758b00f9a19d19e2f71f166aebc73f6d5ed12bf31d6f9db411e1890450f2e3a0
765ef5d030bfdd227d9a71b4f84547831d03fd960ea4bd2b5832a0afae6e766c
77ab2e5081c3eaf2933aaa01b21eec298568dd1d91fb4d97f03cdf3ab4a4a1af
78fabb8840d3fba5bd2a5bd16096e4d255e5da9267f3228efc263bdebf35c088
79243ba9d4f951345916f75842d1108f38686a192b7849486fab98ab0626650c
7d6d64db1af5e9a2b12b10acfab77a0223c361d4e776c83009dc7f2f5aaa11ab
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
883aa8eae3e60fb3293982ea005b7d0825faf153e68b7495fc6fe5893c38cb8c
8bf4eaf0907b9b67cc992b414b8e1a1a3ed634d910a6ec4842f08fcc06b1aab9
8e60779039de20762a5129750d4ec1ce8938d7fdb5ad80d44fbea86ad2f6ced5
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
9014d93c86e52426a8c8ccf7227a1a3cb6171146fccb168c07c9cd7981bb8141
917682ab21e5f84ad5f775e67d283cbdd01e019e20dc37bc17092b1dee91ab50
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
946c24a6f5633ceab3c85bc53f68096fc040c22d6c9919eacb8695fc104f02f5
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
950c1afb996a514a2c42fcbe09b9f2406fd5c4833b57d31dd2967ed6c127ae0a
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8
9913c33a626e3a9ebb59b6b677aea2bace5f1a7e577f8865afcfd7740f8f50b8
9a53831155202f4c87a3b8401f892fcebde8c94aa62f808abe5ce1eef4544b2c
9c55c575cd2d3c03eeb7861f21c8cf4f19071f7cfc5c035f7c07af12f7f37bee
9e40b87528206970058c9ce6a19d49daa45a9b8d954284b5538a1e101e1a14fd
9f31450bd00bdf0696038a5b9edf8ac3984bdbaf47f839cc5f1d10985885546a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2cb8f08c465683d7cfd51dbbc4ff0bd55185e656dc60e2073408976b9d59d3d
a2d514664135a6751de3342fff9ac0b04ddcb9fd172b9b457e0b1bc3fc08ff75
a2ffb86712b48ab86e38310b2db1d56246306409dd13c20b6c6722c74f776c06
a3f4c99817988d50aad922705fb263c40e4dcea3b06476bd1aff1ac4c3f7dce3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6519b2e757cd863fa5d0fd7476b99cd8983f6b34cda36b65b0ef6791b9bd60c
a7513ec7dfbbc4581b05203ecda10a9f1f3afeb5b08cc21d1b8bf730cbba5b9f
abbbaef2618eaf9cf000002e42db236fff4062d845b2a190aa751cdab81b0ed9
ada9d82a1291abeb8fe95fb82359767ce8d18b87553c624d3049368e93d28c92
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af0cacb8d33363ac3fbc4eeff75bb55e5a1cc057b126f32ea71e3290cc0b5f6d
af6bea70dc94c86467e3682e344566a3f7097d677b5329fe22fd41abb9a443bd
b075e369d59f07abaa06a79966cae6a73e411580bff602a899a86067d6cdce9d
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b697e5eebd5b9f73a593ec027d628a4afbd1984d6e7e07d50a6d400cfcac9b0d
b7585323c138f323ec979f3fccc9f61ba807bc04d236e3443fe664c0eae99d5f
ba3ce251d647430e7b8ee4820916a475d4d9c420d4ec0dd4e14176f9f4d84823
bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bc1009104ffcf20bdd8170964316315eb915d2d565aebc9d8f21b8b8f8e94150
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bc9d2ec08d5cb963c3b28c81c8de67b3bf03a09e5dd8729d8bdbe7f0b35e88ef
bcc052a1089141379607fd72fbea5d838829ee97cedc3903b39c7bd874001c7b
bd49ff4c1f77c137d4a006e41f9ec83842c543c7d7ef8231f7968aa6f0901f86
c1f33558d1045531b408a422d50e71ad01b0b33984d74d6a3a06d97e4cfd3d81
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5bf9da61f9d4956b20577fe79038e5bd6dd8db076059155b18d8f4f2f8d6b34
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce1ddf5fb93c722173734afdbd9006a376d85fb11c563cca430517e357e85227
ceabd657e1f90cf9a76784892a279e8a947fd0616b78fdea26a48ae5edd6a9c6
ceb731414616837d5947ccd22c0f009ddc9cc7b4730a4932f9debde250e9c471
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf64e9e795b77947b2b070eee23941d5f63b4ef680535456af4f449c3da68934
d06b0e662cfd11cf87c4c75d9a1c22bb7f710d0d1b9c6d5dfc099e52672a4246
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0e87af47a13553e099e608e39a835bd145b145665ba8dd1143d5678c112dd3b
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
dbf3bfb5c974a3a22c04b2614f61efab99657d7142e12bc7c791c357229a650c
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
df1c840642c886bcb8dd1dc2c355c5edfa172602ee2c7fd38c454dcb1acb0973
e02001a09cafaa275d42c058827876bf0c36295fc53c377db69a6dce21c51217
e04a03a17aaa1bc2650cdaffbcccbcc23a45b550ffb638507f5b8e253fbe2c0f
e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c
e27470d1cea6277844e64b2b9bb57689fa5ea25bd4ec8fad36f9ff3345eef4d0
e2837c3b2d065a458f956604095393eb5beabaf7f6e452d2ba12fd8b50049840
e2888adf4d3b89c5f90f09bb17e5ccb6d126457c9bd1cfde892194ba8954cd21
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b51420d0d2ec905c232e07b8c28926305a18268dbc98e5134b0d172e0f340c
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef363fc8d14e4cdfc401792ea044108d84aa709594566611808f8e5aa0779c4c
f180d76be4fe3072f5c29b64ac56aa850f4ee0bfc2fcfe33541f918cd2801ad4
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56
f9186752fbc16321f99c98fb41db4058c9caf24529c0070d53d61f609e14dc2a
fb2526a26db3e491ab2e1b0dcf682611cc22601adfb2642ea62df2cd977b4142
fd1c2baeeb4b9c810473123f0a2ab8050fcac0e2d4432af2542fc49822751143
fd461931f2231bc1a65c157e7e3d90d2c9ff4a68dec3a9796a6b65a12d09454e

www.state-journal.com Open in urlscan Pro 192.104.183.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

268 Requests

83 %HTTPS

0 %IPv6

64 Domains

102 Subdomains

63 IPs

10 Countries

5096 kBTransfer

9642 kBSize

80 Cookies

30 Outgoing links

Redirected requests

268 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.state-journal.com Open in urlscan Pro
192.104.183.109 Public Scan

Screenshot
Live screenshot

Full Image

268
Requests

83 %
HTTPS

0 %
IPv6

64
Domains

102
Subdomains

63
IPs

10
Countries

5096 kB
Transfer

9642 kB
Size

80
Cookies

268 HTTP transactions
5 data transactions