URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c63...
Submission: On November 14 via api from GB — Scanned from GB

Summary

This website contacted 172 IPs in 12 countries across 148 domains to perform 899 HTTP transactions. The main IP is 192.104.183.109, located in the United States, and belongs to LEE-ASN, US. The main domain is gazette.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on October 16th 2021. Valid for: 3 months.
This is the only time gazette.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This page contains 135 frames:

Primary Page: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Frame ID: 9DCB502E0DCD2A1CF99CF4429B538EB6
Requests: 247 HTTP requests in this frame

Requests: 17 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: B8E9914150AACE556C536F203E7D569B
Requests: 8 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Frame ID: 96341F3BB53AB5AE72F39D3D877651C8
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Frame ID: 8AFDA92922D550790CD86C75789A8423
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 1BBECDB9A79FB4CBE54899327C52E513
Requests: 1 HTTP requests in this frame

Frame: https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 812D966CBD94BA3717FED42FEA836B94
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3F435FC7515E84B2DBEA6FA360B3C56C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 380C5826AED5E64068481424F47A18A8
Requests: 2 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container.html
Frame ID: F53609C302896E571BFEB5A6BF7CB79E
Requests: 2 HTTP requests in this frame

Frame: https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D6545C9CAECE9402A34BED8F412961CE
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Frame ID: F15A0CA2B58A8BE39F9B878AB1922551
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 73FBDBE1E6F9AD4819C0BA00E4FDFCB7
Requests: 2 HTTP requests in this frame

Page Title

FBI email system hacked to send fake cyberattack alerts | News | gazette.com

Page Statistics

  • Requests: 899
  • HTTPS: 80 %
  • IPv6: 26 %
  • Domains: 148
  • Subdomains: 256
  • IPs: 172
  • Countries: 12
  • Transfer: 9802 kB
  • Size: 25913 kB
  • Cookies: 222

Redirected requests

There were HTTP redirect chains for the following requests:

  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2869950818122420318
Request Chain 556
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SsTWZ-_6ROSHgHgOcJeUbw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 557
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1e066191-53ea-4000-9f9b-18f43ac809c2
Request Chain 558
  • https://pixel.onaudience.com/?partner=214&mapped=4AC4D667-EFFA-44E4-8780-780E7097946F HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=ba55fc2f1c37e621 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b06e985a-87f2-4a7b-7cb1-1d459992da3a&reqId=a345cd26-28e4-4120-430f-7e26fecc1d4d&zcluid=ba55fc2f1c37e621&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGUYSSlCov-X9u3ajJlTEEM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b06e985a-87f2-4a7b-7cb1-1d459992da3a&reqId=a345cd26-28e4-4120-430f-7e26fecc1d4d&zcluid=ba55fc2f1c37e621&zdid=1332
Request Chain 559
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEFDNEQ2NjctRUZGQS00NEU0LTg3ODAtNzgwRTcwOTc5NDZG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 560
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFAPgOhI0Akjjq2oMwAGViI&google_cver=1
Request Chain 562
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Request Chain 563
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3998963926277376459
Request Chain 564
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5d37eff7-cbdd-41f5-a1e6-a7dab2310826
Request Chain 565
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7056585800145824787&gdpr=0&gdpr_consent=
Request Chain 567
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4AC4D667-EFFA-44E4-8780-780E7097946F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6z5HRyJE2uWnchBfmnrd4RN6G7vFSjI-~A&gdpr=0&gdpr_consent=
Request Chain 568
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0IHSZtODjjLL0dth1ofGboCA22_LgNJn39S9L0rR
Request Chain 570
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid= HTTP 302
  • https://sync.teads.tv/um?eid=64&uid=11c131b0-16d9-4efd-a546-9fd1e0fdff35
Request Chain 572
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fc6d17f0-ecfe-ce5d-143a-223a818bf4e3 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fc6d17f0-ecfe-ce5d-143a-223a818bf4e3&dcc=t
Request Chain 573
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=ad801a30-652b-4c39-a36f-1e4a1b66c73f HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=ad801a30-652b-4c39-a36f-1e4a1b66c73f HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662303486113618
Request Chain 574
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=d9909a52-4577-11ec-8d37-f550d1b46541
Request Chain 580
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
Request Chain 581
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=418307b3-2efe-4ae7-aa7c-feaa2462db53&ssp=gumgum2&gdpr=0&gdpr_consent=
Request Chain 582
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-4000ba14-f1f1-446b-6da7-87489a8c618a$ip$194.36.110.165
Request Chain 583
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Request Chain 584
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ea76274b-c6da-485c-adec-d489e345a118-003&rndcb=6509807925 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=418307b3-2efe-4ae7-aa7c-feaa2462db53&google_hm=NDE4MzA3YjMtMmVmZS00YWU3LWFhN2MtZmVhYTI0NjJkYjUz HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBqM3galH6JIIL4SZBK-I4M&google_cver=1&ssp=adconductor&bsw_param=418307b3-2efe-4ae7-aa7c-feaa2462db53 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/418307b3-2efe-4ae7-aa7c-feaa2462db53?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-ea76274b-c6da-485c-adec-d489e345a118-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-ea76274b-c6da-485c-adec-d489e345a118-003
Request Chain 585
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=QO6f9yNTrMer&ev=1&pid=558355
Request Chain 586
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Kk04-Kohn4l8FKaBQWg0bgpBWsEbBZS_8TmN885QF0XekW3hvkGTbddC2Y5LSZU_%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Kk04-Kohn4l8FKaBQWg0bgpBWsEbBZS_8TmN885QF0XekW3hvkGTbddC2Y5LSZU_%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_aa746db0-a187-4024-b7cf-8d4241c65786&obuid=ENC(Kk04-Kohn4l8FKaBQWg0bgpBWsEbBZS_8TmN885QF0XekW3hvkGTbddC2Y5LSZU_) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7056585800145824787&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ
Request Chain 587
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=5386cffd-d841-4df1-b34f-b04021e83e45
Request Chain 588
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-zUq_uyVE2pcMhrVY4ZU1X0PuHGWuB57EptRH~A
Request Chain 589
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=d996b4e1-4577-11ec-9d14-fb2c7a265914
Request Chain 592
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
Request Chain 597
  • https://sync.1rx.io/usersync/openx/378d7bef-8be1-47cc-84d9-f9454f00737f HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003
Request Chain 598
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455419450933626
Request Chain 599
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id= HTTP 302
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=6e449cc7-a0c9-4ca2-a4a3-81ab16d63e37
Request Chain 600
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&gdpr=1&uid=8a7fe804-283e-4fee-8713-61a77e1bcb6a HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&gdpr=1&uid=8a7fe804-283e-4fee-8713-61a77e1bcb6a&verify=true
Request Chain 602
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
Request Chain 603
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=418307b3-2efe-4ae7-aa7c-feaa2462db53 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=418307b3-2efe-4ae7-aa7c-feaa2462db53 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
Request Chain 604
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-c9b027b7-1dfa-4a01-7e9f-634551431494$ip$194.36.110.165
Request Chain 605
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Request Chain 606
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ea76274b-c6da-485c-adec-d489e345a118-003&rndcb=5868319115 HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=418307b3-2efe-4ae7-aa7c-feaa2462db53 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=418307b3-2efe-4ae7-aa7c-feaa2462db53 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=312e0849-472b-4244-874d-2908fbb118e4&user_group=1&ssp=adconductor&bsw_param=418307b3-2efe-4ae7-aa7c-feaa2462db53 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/418307b3-2efe-4ae7-aa7c-feaa2462db53?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003
Request Chain 607
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=cOCI2k7mCcFM&ev=1&pid=558355
Request Chain 608
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_aa746db0-a187-4024-b7cf-8d4241c65786&obuid=ENC(x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3Dx6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3Dx6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ&__user_check__=1&sync_id=da422ba1-4577-11ec-a9a5-132476d60106 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=spotx&uid=da422b3c-4577-11ec-a9a5-132476d60106&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ
Request Chain 609
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=5386cffd-d841-4df1-b34f-b04021e83e45
Request Chain 610
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-zUq_uyVE2pcMhrVY4ZU1X0PuHGWuB57EptRH~A
Request Chain 611
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=d997032c-4577-11ec-8d37-f550d1b46541
Request Chain 614
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
Request Chain 617
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVZKF9I1-1C-9I5B&sigv=1&esig=2~0c7b9d8d1243e866112d46bc1eab8b2b5b53ef6b
Request Chain 618
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZaS0Y5STEtMUMtOUk1Qg==
Request Chain 619
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZFT7gAAAJTV7ABG
Request Chain 621
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bzCbg6QQ-gnInM-LCX4AL8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7525045425150366387
Request Chain 622
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC9WxsPkQtMt_RrNTzhArqI&google_cver=1
Request Chain 623
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1e066191-53ea-4000-9f9b-18f43ac809c2&expires=28
Request Chain 624
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzE2NDBkNDYxYzQyZjcxNGQ1NDk0MDI3MjEwNzk3ODM0NDc3ZWJlNQ
Request Chain 626
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZFT7mekqH4Urk7gkrt5pgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKfYA6z3WsLzOGC5VEcC-LE&google_cver=1&gdpr=1
Request Chain 627
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEBXZY455P4zG2TNXCEiRHU&google_cver=1
Request Chain 628
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&dcc=t
Request Chain 631
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3390519196593366163
Request Chain 635
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZFT7mekqH4Urk7gkrt5pgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKfYA6z3WsLzOGC5VEcC-LE&google_cver=1&gdpr=1
Request Chain 636
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEBXZY455P4zG2TNXCEiRHU&google_cver=1
Request Chain 638
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&dcc=t
Request Chain 641
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d5a5e59c-ea36-495b-96f6-39df4e9f02ab
Request Chain 645
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506159
Request Chain 646
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 647
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Request Chain 648
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YZFT7gAAAJTV7ABG&gdpr=0&gdpr_consent=
Request Chain 652
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YZFT78Co8XkAADmQBlYAAAAA
Request Chain 653
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=5134455419450933626
Request Chain 654
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
Request Chain 656
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506159
Request Chain 657
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 658
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Request Chain 659
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YZFT7gAAAJTV7ABG&gdpr=0&gdpr_consent=
Request Chain 663
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YZFT78Co8YMAAI9LBs4AAAAA
Request Chain 664
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=5134455419450933626
Request Chain 665
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
Request Chain 681
  • https://unpkg.com/web-vitals HTTP 302
  • https://unpkg.com/web-vitals@2.1.2 HTTP 302
  • https://unpkg.com/web-vitals@2.1.2/dist/web-vitals.umd.js
Request Chain 690
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
Request Chain 691
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
Request Chain 692
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=wht6XSTg3MYf&ev=1&pid=558355
Request Chain 693
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-c9b027b7-1dfa-4a01-7e9f-634551431494$ip$194.36.110.165
Request Chain 694
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=6dd0f3b0-f1a0-4869-901e-8cd542e2c5fb&ssp=gumgum2 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
Request Chain 695
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
Request Chain 697
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Request Chain 703
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506159
Request Chain 706
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
Request Chain 710
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Request Chain 713
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506160
Request Chain 717
  • https://id5-sync.com/s/441/9.gif?puid=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMO_CW47DETgs1LsHi6Zdd_ZeuR6V-S05J1B9ZEZQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO_CW47DETgs1LsHi6Zdd_ZeuR6V-S05J1B9ZEZQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=6dd0f3b0-f1a0-4869-901e-8cd542e2c5fb&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/5/5.gif?puid=974e66315ea5176b68295dbf7d19d07b&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMO_CW47DETgs1LsHi6Zdd_ZeuR6V-S05J1B9ZEZQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F4%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/160/4/6.gif?puid=61796337130459320960752158014178954622&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMO_CW47DETgs1LsHi6Zdd_ZeuR6V-S05J1B9ZEZQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/340/3/7.gif?puid=61796337130459320960752158014178954622&gdpr=1&gdpr_consent= HTTP 302
  • https://a.audrte.com/match?uid=ID5-ZHMO_CW47DETgs1LsHi6Zdd_ZeuR6V-S05J1B9ZEZQ&p=M1950936503&r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F473%2F2%2F8.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9pZDUtc3luYy5jb20vYy80NDEvNDczLzIvOC5naWY_cHVpZFx1MDAzZGYwMVlwN0s5cjlmVHQtU0Y4bUI3Q0JrOEFcdTAwMjZnZHByXHUwMDNkMVx1MDAyNmdkcHJfY29uc2VudFx1MDAzZCIsImQiOltdfQ%3D%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9pZDUtc3luYy5jb20vYy80NDEvNDczLzIvOC5naWY_cHVpZFx1MDAzZGYwMVlwN0s5cjlmVHQtU0Y4bUI3Q0JrOEFcdTAwMjZnZHByXHUwMDNkMVx1MDAyNmdkcHJfY29uc2VudFx1MDAzZCIsImQiOltdfQ%3D%3D&gdpr=1&gdpr_consent=&google_gid=CAESEPn7VArUEI-sMgwQVl66vqI&google_cver=1 HTTP 302
  • https://id5-sync.com/c/441/473/2/8.gif?puid=f01Yp7K9r9fTt-SF8mB7CBk8A&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=483047&dpuuid=ID5-ZHMO_CW47DETgs1LsHi6Zdd_ZeuR6V-S05J1B9ZEZQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F349%2F1%2F9.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/349/1/9.gif?puid=61796337130459320960752158014178954622&gdpr=1&gdpr_consent=
Request Chain 718
  • https://id5-sync.com/s/441/9.gif?puid=e_ae057a45-ed99-4a34-8754-01c0ca22ac6e&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_ae057a45-ed99-4a34-8754-01c0ca22ac6e&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMO_CW47DETgs1LsHi6Zdd_ZeuR6V-S05J1B9ZEZQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO_CW47DETgs1LsHi6Zdd_ZeuR6V-S05J1B9ZEZQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=6dd0f3b0-f1a0-4869-901e-8cd542e2c5fb&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/5/5.gif?puid=974e66315ea5176b68295dbf7d19d07b&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=463291&dpuuid=ID5-ZHMO_CW47DETgs1LsHi6Zdd_ZeuR6V-S05J1B9ZEZQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F160%2F4%2F6.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/160/4/6.gif?puid=61796337130459320960752158014178954622&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=494279&dpuuid=ID5-ZHMO_CW47DETgs1LsHi6Zdd_ZeuR6V-S05J1B9ZEZQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F340%2F3%2F7.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/340/3/7.gif?puid=61796337130459320960752158014178954622&gdpr=1&gdpr_consent= HTTP 302
  • https://a.audrte.com/match?uid=ID5-ZHMO_CW47DETgs1LsHi6Zdd_ZeuR6V-S05J1B9ZEZQ&p=M1950936503&r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F473%2F2%2F8.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9pZDUtc3luYy5jb20vYy80NDEvNDczLzIvOC5naWY_cHVpZFx1MDAzZGYwMVlwN0s5cjlmVHQtU0Y4bUI3Q0JrOEFcdTAwMjZnZHByXHUwMDNkMVx1MDAyNmdkcHJfY29uc2VudFx1MDAzZCIsImQiOltdfQ%3D%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9pZDUtc3luYy5jb20vYy80NDEvNDczLzIvOC5naWY_cHVpZFx1MDAzZGYwMVlwN0s5cjlmVHQtU0Y4bUI3Q0JrOEFcdTAwMjZnZHByXHUwMDNkMVx1MDAyNmdkcHJfY29uc2VudFx1MDAzZCIsImQiOltdfQ%3D%3D&gdpr=1&gdpr_consent=&google_gid=CAESEPn7VArUEI-sMgwQVl66vqI&google_cver=1 HTTP 302
  • https://id5-sync.com/c/441/473/2/8.gif?puid=f01Yp7K9r9fTt-SF8mB7CBk8A&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=483047&dpuuid=ID5-ZHMO_CW47DETgs1LsHi6Zdd_ZeuR6V-S05J1B9ZEZQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F349%2F1%2F9.gif%3Fpuid%3D%24%7BDD_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/349/1/9.gif?puid=61796337130459320960752158014178954622&gdpr=1&gdpr_consent=
Request Chain 719
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_ae057a45-ed99-4a34-8754-01c0ca22ac6e&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=418307b3-2efe-4ae7-aa7c-feaa2462db53 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=418307b3-2efe-4ae7-aa7c-feaa2462db53 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=ae549f4d-91cb-43ce-ab11-9ad6a8b1d5c9&ssp=gumgum2&expires=30&user_group=5&bsw_param=418307b3-2efe-4ae7-aa7c-feaa2462db53 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
Request Chain 722
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=c5c0c37c-3068-4286-afce-8c72e000c93d
Request Chain 723
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=YTk0ZWMxYzQ2ZjFmODdjYjVjMzRiZDgx&gdpr=0 HTTP 302
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
Request Chain 725
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2032%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=5749011601 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2032/no-consent?zcc=0&sspret=1&rndcb=5749011601 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-ea76274b-c6da-485c-adec-d489e345a118-003 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-ea76274b-c6da-485c-adec-d489e345a118-003
Request Chain 726
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Request Chain 727
  • https://um.simpli.fi/lj_match?r=1636914159977&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=98C4241FFEF6498F8A96F2CFE007E27E
Request Chain 728
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=5134455419450933626
Request Chain 730
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=a94ec1c46f1f87cb5c34bd81/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=974e66315ea5176b68295dbf7d19d07b&gdpr=0&gdpr_consent=
Request Chain 731
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTk0ZWMxYzQ2ZjFmODdjYjVjMzRiZDgx&gdpr=0
Request Chain 734
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=7Elz9ZNhabe00Vbg8Hl6&pi=sovrn&gdpr_consent=&gdpr=0
Request Chain 735
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=a94ec1c46f1f87cb5c34bd81&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:f62a2bbdb84a4c4fedf4a1770feb5d28
Request Chain 736
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=418307b3-2efe-4ae7-aa7c-feaa2462db53&ssp=fmx&gdpr=0&gdpr_consent=
Request Chain 737
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent= HTTP 302
  • https://px.owneriq.net/fr/epx.gif HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 750
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/323087e2-de4a-365b-80c8-f52ef591edf1?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ziusCshE2oUJjxwFKvJ3yVYCIY_SZ.k15EZ2pU4-~A&redirect= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=MzIzMDg3ZTItZGU0YS0zNjViLTgwYzgtZjUyZWY1OTFlZGYx&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
  • https://cdn.aralego.net/img/1x1.png
Request Chain 751
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
Request Chain 752
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=5e800d9e-014e-4f5c-bb2c-22fea47ba1b2&ssp=gumgum2 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
Request Chain 753
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-c9b027b7-1dfa-4a01-7e9f-634551431494$ip$194.36.110.165
Request Chain 754
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Request Chain 755
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1506%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=5379861019 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/1506/7056585800145824787?zcc=0&sspret=1&rndcb=5379861019 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-ea76274b-c6da-485c-adec-d489e345a118-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-ea76274b-c6da-485c-adec-d489e345a118-003
Request Chain 756
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=siXggK9z5oC5&ev=1&pid=558355
Request Chain 757
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_aa746db0-a187-4024-b7cf-8d4241c65786&obuid=ENC(x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7056585800145824787&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ
Request Chain 758
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=5386cffd-d841-4df1-b34f-b04021e83e45
Request Chain 759
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-zUq_uyVE2pcMhrVY4ZU1X0PuHGWuB57EptRH~A
Request Chain 760
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=d996b4e1-4577-11ec-9d14-fb2c7a265914
Request Chain 763
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
Request Chain 767
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506160
Request Chain 768
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 769
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Request Chain 770
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YZFT7gAAAJTV7ABG&gdpr=0&gdpr_consent=
Request Chain 774
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YZFT8MCo8YMAAI9LBy8AAAAA
Request Chain 775
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=5134455419450933626
Request Chain 776
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
Request Chain 780
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=1&gdpr_consent=
Request Chain 781
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKNLU7DIqgAACi-pB65dg&expiration=1638123760&gdpr=1
Request Chain 784
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639506160
Request Chain 785
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 804
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Request Chain 807
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=e3745e2f-3bf5-42c9-821b-bd61ff8bee24&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=418307b3-2efe-4ae7-aa7c-feaa2462db53&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D4AC4D667-EFFA-44E4-8780-780E7097946F HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=4AC4D667-EFFA-44E4-8780-780E7097946F
Request Chain 808
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=7056585800145824787
Request Chain 809
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
  • https://router.infolinks.com/dyn/ox-usync?uid=8f2c491c-e380-422b-95fb-975f111f9a96
Request Chain 810
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-mkzxzQ1E2uHquzazAs_kFo4iopkS.4JK7LLL7_I-~A
Request Chain 811
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fadobe%2F2109%2F%24%7BTM_USER_ID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7027172643 HTTP 302
  • https://sync.1rx.io/usersync3/adobe/2109/YZFT7gAAAJTV7ABG?zcc=0&sspret=1&rndcb=7027172643 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-ea76274b-c6da-485c-adec-d489e345a118-003 HTTP 302
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-ea76274b-c6da-485c-adec-d489e345a118-003
Request Chain 812
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
  • https://router.infolinks.com/dyn/zmn-usync?uid=
Request Chain 814
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fgazette.com%252Fnews%252Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%252Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&pid=12306&adnxs_uid=$UID HTTP 302
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&pid=12306&adnxs_uid=7056585800145824787
Request Chain 816
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd9768320-4577-11ec-bad9-020dabedf6f0 HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-W33f4ItE2uGcaripW7wEXs1C6CraMED.~A~UPd9768320-4577-11ec-bad9-020dabedf6f0
Request Chain 818
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
  • https://router.infolinks.com/dyn/sovrn-usync?uid=a94ec1c46f1f87cb5c34bd81
Request Chain 819
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=418307b3-2efe-4ae7-aa7c-feaa2462db53&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=d5e76e24-1020-42c5-a966-7f47b1fbdf8a&expires=1&user_group=5&ssp=pubmatic&bsw_param=418307b3-2efe-4ae7-aa7c-feaa2462db53 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=418307b3-2efe-4ae7-aa7c-feaa2462db53&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4AC4D667-EFFA-44E4-8780-780E7097946F&gdpr=0&gdpr_consent=
Request Chain 821
  • https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
  • https://router.infolinks.com/dyn/zeta-usync?uid=5134455419450933626
Request Chain 825
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1637000561&gdpr=1
Request Chain 826
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=SI3V2UuPiY1T3dzeTovB0RiM3NBTjNXYR9jx4Bdl
Request Chain 850
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=30d550f9-5fa4-4d62-898f-6ac406fd05a3=&partner_id=3337 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=30d550f9-5fa4-4d62-898f-6ac406fd05a3=&partner_id=3337
Request Chain 884
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

899 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/
395 KB
67 KB
Document
General
Full URL
https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
ff2099cb6874b4334eba38f29bc2f6797fa932e88a32cab129788e02fb6acd77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Sun, 14 Nov 2021 16:41:55 GMT
content-type
text/html; charset=UTF-8
x-loop
1
x-tncms-bot-tier
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 14 Nov 2021 16:16:01 GMT
x-robots-tag
unavailable_after: Sunday, 28-Nov-21 16:16:00 Z noarchive
x-ua-compatible
IE=edge
link
<https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.f7f607461e880929e17a0ecdc234e5df.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
x-tncms
1.60.2; app19; 0.45s; 6.7M
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
etag
W/a749d57156d58c90c51c4676507fe20a
content-encoding
gzip
vary
X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
age
6035
cache-control
public, max-age=10
x-vcache
HIT
accept-ranges
bytes
content-length
66737
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/
98 KB
34 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1677369
cf-ray
6ae244056ad171d2-LHR
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e609f2-1882c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 31 Aug 2022 19:01:11 GMT
user.js
gazette.com/shared-content/art/tncms/user/
11 KB
4 KB
Script
General
Full URL
https://gazette.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
9476713709bfb2efbef10bee7267250bd6ef908f0f31927fc3f55d0d801a60d5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:19:31 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 22:33:25 GMT
age
179
etag
W/"618d9a35-2b02"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
3994
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/
39 KB
11 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1677369
cf-ray
6ae244056ad871d2-LHR
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 16:00:55 GMT
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
32 KB
12 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1677244
cf-ray
6ae244058af071d2-LHR
last-modified
Wed, 05 May 2021 20:06:42 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6092fad2-8154"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 11 May 2022 19:01:12 GMT
tnt.f7f607461e880929e17a0ecdc234e5df.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
9 KB
3 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.f7f607461e880929e17a0ecdc234e5df.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34f66e0da13cae3e47b11da471fdf881280333b3ff2583611715640656b338ab
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1120329
cf-ray
6ae244058aef71d2-LHR
last-modified
Fri, 29 Oct 2021 16:41:09 GMT
x-vcache
MISS
server
cloudflare
etag
W/"617c2425-2566"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Tue, 01 Nov 2022 19:01:19 GMT
application.cb897187c4718280fd69d2e6d6c3909d.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
4 KB
2 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1677244
cf-ray
6ae244056ad271d2-LHR
last-modified
Thu, 23 Sep 2021 14:47:50 GMT
x-vcache
MISS
server
cloudflare
etag
W/"614c9396-104a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 26 Oct 2022 08:24:43 GMT
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
2 KB
1 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1677244
cf-ray
6ae244056ad771d2-LHR
last-modified
Tue, 06 Jul 2021 13:05:12 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e45508-9ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 06 Jul 2022 19:01:11 GMT
bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/
107 KB
18 KB
Stylesheet
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1677244
cf-ray
6ae244056aca71d2-LHR
last-modified
Wed, 05 May 2021 20:06:15 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6092fab7-1ab8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 06:03:06 GMT
layout.30d75e9a57e3e756d5985de69868a18b.css
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/
149 KB
27 KB
Stylesheet
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.30d75e9a57e3e756d5985de69868a18b.css
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
971842b80b8d4e847ed32adf3e62de2cf6e8cce9080d54321583d6d524de0f6b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1120329
cf-ray
6ae244056ace71d2-LHR
last-modified
Fri, 29 Oct 2021 16:42:12 GMT
x-vcache
MISS
server
cloudflare
etag
W/"617c2464-255ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Tue, 01 Nov 2022 19:01:19 GMT
theme-basic.da34fee69fbd9a506f70c74c56e2ccfa.css
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/
41 KB
8 KB
Stylesheet
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.da34fee69fbd9a506f70c74c56e2ccfa.css
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87b11389685f99baf3f7685bce4814a3a511dba56edfa5a07d900893c1d79acc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1677244
cf-ray
6ae244056ad071d2-LHR
last-modified
Wed, 05 May 2021 20:07:39 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6092fb0b-a433"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 06:11:58 GMT
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
72b7c9a124fb00b66b2a1eb3346c198fa0cae903f8feb43616513465bcfbba18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 18:22:31 GMT
server
ESF
date
Sun, 14 Nov 2021 18:22:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Nov 2021 18:22:31 GMT
access.js
gazette.com/shared-content/art/tncms/api/
86 KB
34 KB
Script
General
Full URL
https://gazette.com/shared-content/art/tncms/api/access.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de

Request headers

Referer
https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:17:47 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 22:33:25 GMT
age
284
etag
W/"618d9a35-15686"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
34923
service-worker-allowed
/
loader.min.js
loader-cdn.azureedge.net/prod/cosprings/
42 KB
12 KB
Script
General
Full URL
https://loader-cdn.azureedge.net/prod/cosprings/loader.min.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C1D) /
Resource Hash
21395d9b89133e2ce8d50227b782e496a2a4b9d58165964edc80abf4fab0ac61

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
gzip
content-md5
7KBDxp7Mpfo0QsunQbwBiA==
age
25181
x-cache
HIT
content-length
11865
x-ms-lease-status
unlocked
last-modified
Wed, 10 Nov 2021 09:03:19 GMT
server
ECAcc (mil/6C1D)
etag
0x8D9A428F0A2BE5C
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
23b46e13-301e-012e-0b49-d9e0ed000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
gpt.js
securepubads.g.doubleclick.net/tag/js/
77 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
b3d62f785e2d848c2552a471668b6a79647d0b01401825294155c005f1b6f6d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1043 / 675 of 1000 / last-modified: 1636758378"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26703
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Nov 2021 18:22:31 GMT
sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
1 KB
754 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1677244
cf-ray
6ae244084ebe71d2-LHR
last-modified
Fri, 16 Apr 2021 14:03:31 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60799933-5bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 23 Apr 2022 01:26:17 GMT
tnt.nextPrev.f1660ccf5d097410b8b72737d216878c.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/
4 KB
2 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.f1660ccf5d097410b8b72737d216878c.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c560324c7f03d65de3340a88510ef32d8702b8924f2c5e87468e12a13e8906
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1677244
cf-ray
6ae244084ec171d2-LHR
last-modified
Wed, 05 May 2021 20:07:22 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6092fafa-1116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 06:15:04 GMT
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/
200 B
270 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1677369
cf-ray
6ae244056ad371d2-LHR
last-modified
Tue, 06 Jul 2021 13:06:10 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e45542-c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Fri, 08 Jul 2022 16:46:54 GMT
tracking.js
gazette.com/shared-content/art/tncms/
3 KB
1 KB
Script
General
Full URL
https://gazette.com/shared-content/art/tncms/tracking.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:05 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 22:33:25 GMT
age
26
etag
W/"618d9a35-a4b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
1149
service-worker-allowed
/
fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
253 KB
91 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3a9a6006e4c01d6d84a49eecf07cf36a818779ff4e99bbff22850f02de9c7a8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1677368
cf-ray
6ae244084ec271d2-LHR
last-modified
Wed, 25 Aug 2021 16:36:45 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6126719d-3f553"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 31 Aug 2022 19:01:14 GMT
tracker.js
gazette.com/shared-content/art/stats/common/
9 KB
3 KB
Script
General
Full URL
https://gazette.com/shared-content/art/stats/common/tracker.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:18:06 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 19:09:11 GMT
age
264
etag
W/"60b928d7-2200"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
3224
service-worker-allowed
/
58f3912a-f547-11eb-a31e-cfc0a8c9a911.png
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/custom/image/
45 KB
46 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/custom/image/58f3912a-f547-11eb-a31e-cfc0a8c9a911.png
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612bdc9d356ad2e2bd3f305b153c06a23717f7920224adb4af1ab9f3e3842cf7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
vary
Accept
cf-cache-status
HIT
age
1471629
cf-polished
origFmt=png, origSize=72848
last-modified
Wed, 04 Aug 2021 17:13:54 GMT
content-disposition
inline; filename="58f3912a-f547-11eb-a31e-cfc0a8c9a911.webp"
content-length
46542
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"610acad2-11c90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 27 Sep 2022 13:16:42 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ae244084ec371d2-LHR
cf-bgj
imgq:85,h2pri
img
i.prcdn.co/
41 KB
42 KB
Image
General
Full URL
https://i.prcdn.co/img?cid=9YMC&page=1&width=300
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bbdd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a98506ec5f6708ca309a7ed641534b23cea553d4ac3d3d9878ba81741d539043

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
cf-cache-status
HIT
age
501855
cf-polished
degrade=85, origSize=64067, status=webp_bigger
cf-bgj
imgq:85,h2pri
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
42434
accept-ranges
bytes
last-modified
Mon, 08 Nov 2021 22:58:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, no-transform
wc
d7
cf-ray
6ae24409da010e02-MXP
expires
Wed, 08 Dec 2021 22:58:17 GMT
14b6086e-f464-11eb-a31e-2f5b7c1a0ff1.png
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/custom/image/
48 KB
48 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/custom/image/14b6086e-f464-11eb-a31e-2f5b7c1a0ff1.png?resize=540%2C167
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e8f32a58d20c63925df016ebe6175f2267307c9ecfc54592109110c13a4fa8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
vary
Accept
cf-cache-status
HIT
age
459732
cf-polished
origFmt=png, origSize=79720
last-modified
Tue, 03 Aug 2021 14:07:04 GMT
content-disposition
inline; filename="14b6086e-f464-11eb-a31e-2f5b7c1a0ff1.webp"
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"1dba0646a67ff36259f8cbb436917ecc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 28 Sep 2022 13:49:44 GMT
cache-control
public, max-age=31536000
cf-ray
6ae244084ec471d2-LHR
cf-bgj
imgq:85,h2pri
24918efc-f464-11eb-a31e-33006c6afa43.png
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/custom/image/
45 KB
46 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/custom/image/24918efc-f464-11eb-a31e-33006c6afa43.png
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6446281d52a46f0de17191bb7e7da0cf35c413a55f6409150490d53209ba2131
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
vary
Accept
cf-cache-status
HIT
age
1677243
cf-polished
origFmt=png, origSize=72165
last-modified
Tue, 03 Aug 2021 14:07:31 GMT
content-disposition
inline; filename="24918efc-f464-11eb-a31e-33006c6afa43.webp"
content-length
46344
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"61094da3-119e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 27 Sep 2022 13:16:42 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ae244084ec671d2-LHR
cf-bgj
imgq:85,h2pri
61913641643fd.image.jpg
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/f/38/f384ffd3-d746-5588-b337-e004da4e35dd/
67 KB
67 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/f/38/f384ffd3-d746-5588-b337-e004da4e35dd/61913641643fd.image.jpg?resize=990%2C604
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe27388be7dd8289ae73d2da0c1eb0d6dcbe18d0ce7c88b0879dbf28c9d5e06
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
vary
Accept-Encoding
cf-cache-status
HIT
cf-polished
origSize=69343, status=webp_bigger
last-modified
Sun, 14 Nov 2021 16:16:01 GMT
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"2378b5f1d0cb6628a4b65d990b57703c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 14 Nov 2022 16:21:45 GMT
cache-control
public, max-age=31536000
cf-ray
6ae244084ec771d2-LHR
cf-bgj
imgq:85,h2pri
evvnt_discovery_plugin_s.js
discovery.evvnt.com/prd/current/
Redirect Chain
  • https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
  • https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js
515 KB
515 KB
Script
General
Full URL
https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
2600:9000:206f:5600:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35723694d7d1f70e33125469a3b45d97364d5f253f41d730cd2e598ef79da70d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 05:14:36 GMT
via
1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 18:59:05 GMT
server
AmazonS3
age
47317
etag
"361dfe48faf32bcab68638fce40d0885"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
526870
x-amz-cf-id
BrzDkVs6QWveEL1Y7Xe0I1ZCe5JM-xFzx-d4rvC5O60doCeSlczYCw==

Redirect headers

Date
Sun, 14 Nov 2021 18:22:31 GMT
Via
1.1 varnish
Server
Varnish
X-Timer
S1636914152.774697,VS0,VE0
X-Served-By
cache-lcy19233-LCY
X-Cache
HIT
Location
https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js
Connection
close
Accept-Ranges
bytes
Content-Length
0
Retry-After
0
X-Cache-Hits
0
iframebuster.js
assets.bounceexchange.com/assets/bounce/
1 KB
1 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/bounce/iframebuster.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
10079154e527bdf6a403e0b5ad9ac73e95ac886c5caf47e8b37b5c9147cd7d76

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:16:45 GMT
content-encoding
gzip
age
346
x-guploader-uploadid
ADPycdvzs12xazgumZEbwyMgKKoK9Ktu859Zlf8YAZmv_Oog1m_WuIX6JOydjMV6c2NNC4LOPgi5Jyzp3Ef5iDcjVSD_FZ-LMA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
539
last-modified
Thu, 25 Jul 2019 15:10:59 GMT
server
UploadServer
etag
"0cfef24c569b42826ee2e88465d4bfb6"
vary
Accept-Encoding
x-goog-hash
crc32c=DjYwig==, md5=DP7yTFabQoJu4uiEZdS/tg==
x-goog-generation
1564067459897939
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public, max-age=1800
x-goog-stored-content-length
539
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 14 Nov 2021 18:46:45 GMT
ad25ea64-f4a1-11eb-a31e-c30add578fa0.png
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/custom/image/
48 KB
48 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/custom/image/ad25ea64-f4a1-11eb-a31e-c30add578fa0.png?resize=540%2C167
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e8f32a58d20c63925df016ebe6175f2267307c9ecfc54592109110c13a4fa8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
vary
Accept
cf-cache-status
HIT
age
1676227
cf-polished
origFmt=png, origSize=79720
last-modified
Tue, 03 Aug 2021 21:27:59 GMT
content-disposition
inline; filename="ad25ea64-f4a1-11eb-a31e-c30add578fa0.webp"
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"d15543e4c9b761d29e5480c58258c414"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 28 Sep 2022 13:49:44 GMT
cache-control
public, max-age=31536000
cf-ray
6ae244084ec871d2-LHR
cf-bgj
imgq:85,h2pri
asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
941 B
487 B
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1677244
cf-ray
6ae244074d6271d2-LHR
last-modified
Fri, 16 Apr 2021 14:03:18 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60799926-3ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 23 Apr 2022 01:26:17 GMT
tnt.ads.core.fa820af8c4b7651b60faff4dca7ed722.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/
11 KB
4 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.fa820af8c4b7651b60faff4dca7ed722.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69c1ad804d66f46498c27b981ba3ab3ec1be2e41db1dfb2d309a5a3994c6e741
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1120328
cf-ray
6ae244077da771d2-LHR
last-modified
Fri, 29 Oct 2021 16:42:08 GMT
x-vcache
MISS
server
cloudflare
etag
W/"617c2460-2d89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Tue, 01 Nov 2022 19:01:20 GMT
tnt.poll.aa4a56a35da582e986ed8bbce2004ea4.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/
4 KB
2 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/tnt.poll.aa4a56a35da582e986ed8bbce2004ea4.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d998fb54196874a655aefd9dff360558af81c3f854b3f2af47660d990a5e3d5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1673503
cf-ray
6ae24407bde871d2-LHR
last-modified
Fri, 10 Sep 2021 13:43:42 GMT
x-vcache
MISS
server
cloudflare
etag
W/"613b610e-f69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 24 Sep 2022 16:37:03 GMT
sticky-kit.136ae7f2f818eb47f6ccd0348c560674.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
4 KB
2 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.136ae7f2f818eb47f6ccd0348c560674.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17552c5361dccddf89d7807e5cc51b5b77e86c353ac3cecf05a81fff9e503613
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1677244
cf-ray
6ae24407ee3b71d2-LHR
last-modified
Thu, 23 Sep 2021 14:48:14 GMT
x-vcache
MISS
server
cloudflare
etag
W/"614c93ae-fce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Thu, 29 Sep 2022 08:37:55 GMT
tnt.regions.54d9f15b0d238de6bb20ec82ed8307ac.js
bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
3 KB
1 KB
Script
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.54d9f15b0d238de6bb20ec82ed8307ac.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9343363dfb6730490f3186a56a7c0e7dffeb9e7bce6c24e12855690fb906b1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1677244
cf-ray
6ae244081e6971d2-LHR
last-modified
Fri, 10 Sep 2021 13:42:38 GMT
x-vcache
MISS
server
cloudflare
etag
W/"613b60ce-cd7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Tue, 27 Sep 2022 13:16:42 GMT
gtm.js
www.googletagmanager.com/
179 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c943be32360d95667589a30c1c17eaa05d6d5da65d54690f7ef2a82c474a0daa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
61153
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Nov 2021 18:22:31 GMT
gtm.js
www.googletagmanager.com/
150 KB
54 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MWWFD9
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9a18923a56904e8d0817d941b53a6011fa0fa515d8e234d79fe5bea6f4797f45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
54785
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Nov 2021 18:22:31 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma96165/775313800/6/
Redirect Chain
  • https://js.matheranalytics.com/s/ma96165/775313800/ml.js?cb=1579
  • https://js.matheranalytics.com/static/ltm/ma96165/775313800/6/ml.br.js
141 KB
41 KB
Script
General
Full URL
https://js.matheranalytics.com/static/ltm/ma96165/775313800/6/ml.br.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
1dd75eb14b56c828bd743b9d18ac13c164efc421a644f9dd82457e346361819d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 23:09:27 GMT
content-encoding
br
last-modified
Mon, 02 Nov 2020 23:41:22 GMT
server
nginx
age
69184
etag
"b639f344803dd020287fe1fccaee2ac0"
vary
Accept-Encoding
x-cache
HIT Mon, 02 Nov 2020 23:51:01 GMT
content-type
application/x-javascript
via
1.1 google
cache-control
public,max-age=3600
alt-svc
clear
content-length
42053

Redirect headers

date
Sun, 14 Nov 2021 18:22:31 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma96165/775313800/6/ml.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
3-gc-euw1-10927
polyfill.min.js
polyfill.io/v3/
101 B
589 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/cosprings/loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gazette.com/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1446378
detected-user-agent
Chrome/95.0.4638
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=6
content-length
101
referrer-policy
origin-when-cross-origin
last-modified
Thu, 28 Oct 2021 01:49:49 GMT
date
Sun, 14 Nov 2021 18:22:31 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/95.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/15743189/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
13.35.253.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-42.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:03:43 GMT
content-encoding
gzip
etag
W/"5b0f9f0704a703b8da651007721fac57"
last-modified
Thu, 04 Mar 2021 13:31:34 GMT
server
AmazonS3
age
1222
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
nwIy4I83UPse0TMSahQPzmve0TkOxd6bsUQ5q9z5Sd3Q61_gubKKWQ==

Redirect headers

date
Sun, 14 Nov 2021 18:22:31 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-cs/default/beacon.js
content-length
52
x-amz-cf-id
N1Xnw-kQaZyXMplujf48krEZLZuBNo-e4ZcHEgUAT8NubLPZylbeLQ==
tracker.gif
gazette.com/shared-content/art/stats/common/
0
145 B
Image
General
Full URL
https://gazette.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=163691415172016001200850053366786&tnms_dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&tnms_upage=1&tnms_do=gazette.com&tnms_uri=/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tnms_ref=&rt=1636914151727
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
age
0
etag
"48f79fed-0"
x-vcache
MISS
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
truncated
/
74 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b15dec3d30115400e55a13974894241063aeb3500c18474e50a0b1fca5226e02

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
75 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
videoseries
www.youtube.com/embed/ Frame 2044
209 KB
40 KB
Document
General
Full URL
https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7c10e7f39f0a3ab53d830baaf3e6ac6f59d4b3872bbb81e71cb3acd9fe596aba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 14 Nov 2021 18:22:31 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
clear
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v12/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:07:41 GMT
x-content-type-options
nosniff
age
224090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
32960
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:06:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 04:07:41 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 16:21:35 GMT
x-content-type-options
nosniff
age
266456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 16:21:35 GMT
615398ccc0b70.image.jpg
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/7/26/726b7358-20ac-11ec-ac05-1fea5fdb70cc/
3 KB
3 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/7/26/726b7358-20ac-11ec-ac05-1fea5fdb70cc/615398ccc0b70.image.jpg?resize=200%2C128
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aad6b04100f894ca76cfe2be0f89aaa81c1a8a285492d21c2706b050fe4c5eb7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
vary
Accept
cf-cache-status
HIT
age
213046
cf-polished
qual=85, origFmt=jpeg, origSize=4330
last-modified
Tue, 28 Sep 2021 22:36:00 GMT
content-disposition
inline; filename="615398ccc0b70.webp"
content-length
3152
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"48a7acb39059b90b266143d5c789d580"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 11 Nov 2022 12:57:47 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ae24409383571d2-LHR
cf-bgj
imgq:85,h2pri
618565c80f635.image.jpg
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/4/17/417e8e84-3e5b-11ec-aae1-f3064598dc31/
4 KB
4 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/4/17/417e8e84-3e5b-11ec-aae1-f3064598dc31/618565c80f635.image.jpg?crop=1071%2C650%2C46%2C74&resize=200%2C121&order=crop%2Cresize
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a6eab6117ad0013c121dc80d8dd4d3e7c9ced1cff06342c1bd8a8988759d7e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
vary
Accept
cf-cache-status
HIT
age
213046
cf-polished
qual=85, origFmt=jpeg, origSize=4345
last-modified
Fri, 05 Nov 2021 17:11:36 GMT
content-disposition
inline; filename="618565c80f635.webp"
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"77f6e00a22b776e18f8c8a223c6b0df0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 12 Nov 2022 06:01:07 GMT
cache-control
public, max-age=31536000
cf-ray
6ae24409383a71d2-LHR
cf-bgj
imgq:85,h2pri
6185a2b19aa6b.image.jpg
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/9/a4/9a4f0531-14da-51cf-9adb-6fe758741463/
7 KB
8 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/9/a4/9a4f0531-14da-51cf-9adb-6fe758741463/6185a2b19aa6b.image.jpg?resize=200%2C133
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c33da808a137a9d6d167d851eefea2542a4cf55ff8f6c1d62712932a81067dd5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
746568
cf-polished
origSize=7569, status=webp_bigger
last-modified
Fri, 05 Nov 2021 21:31:30 GMT
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"d49fdbeabfaae761393efa11048fbb9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 05 Nov 2022 23:06:35 GMT
cache-control
public, max-age=31536000
cf-ray
6ae24409384271d2-LHR
cf-bgj
imgq:85,h2pri
6176deab69423.preview.png
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/9/35/9355bfcc-35b2-11ec-9a43-ef15195af415/
2 KB
2 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/9/35/9355bfcc-35b2-11ec-9a43-ef15195af415/6176deab69423.preview.png
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a131907ab42a839bded683568aa84e084a257d3c8dcd2e1a6910dc62bdfdbf3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
vary
Accept
cf-cache-status
HIT
age
1677473
cf-polished
origFmt=png, origSize=2439
last-modified
Mon, 25 Oct 2021 16:43:23 GMT
content-disposition
inline; filename="6176deab69423.webp"
content-length
1876
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"6176deab-987"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 25 Oct 2022 16:44:34 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ae24409384371d2-LHR
cf-bgj
imgq:85,h2pri
61913641643fd.image.jpg
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/f/38/f384ffd3-d746-5588-b337-e004da4e35dd/
4 KB
5 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/f/38/f384ffd3-d746-5588-b337-e004da4e35dd/61913641643fd.image.jpg?resize=200%2C122
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9a639e1c50fb5f7ccd3c2dc0639225edb6806ab3e7f61f27567d97f2068ff8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:31 GMT
cf-cache-status
HIT
cf-polished
origSize=4649, status=webp_bigger
last-modified
Sun, 14 Nov 2021 16:16:01 GMT
strict-transport-security
max-age=604800
content-length
4458
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
"9e77d3b619417483d169414120d88b4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 14 Nov 2022 16:17:22 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ae24409384671d2-LHR
cf-bgj
imgq:85,h2pri
truncated
/
73 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
615398ccc0b70.image.jpg
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/7/26/726b7358-20ac-11ec-ac05-1fea5fdb70cc/
2 KB
2 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/7/26/726b7358-20ac-11ec-ac05-1fea5fdb70cc/615398ccc0b70.image.jpg?crop=1801%2C1013%2C0%2C68&resize=150%2C84&order=crop%2Cresize
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a05ead6ecb5d9ec5b43c47dc4e6e3c20d9d6dd29ccdb86ba888d641b15c54a44
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
vary
Accept
cf-cache-status
HIT
age
207351
cf-polished
qual=85, origFmt=jpeg, origSize=3061
last-modified
Tue, 28 Sep 2021 22:36:00 GMT
content-disposition
inline; filename="615398ccc0b70.webp"
content-length
1968
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"a6f6cddebc163cbc00d5d34354b5169f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 12 Nov 2022 05:50:08 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ae2440a19e971d2-LHR
cf-bgj
imgq:85,h2pri
618565c80f635.image.jpg
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/4/17/417e8e84-3e5b-11ec-aae1-f3064598dc31/
2 KB
3 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/4/17/417e8e84-3e5b-11ec-aae1-f3064598dc31/618565c80f635.image.jpg?crop=1071%2C602%2C46%2C97&resize=150%2C84&order=crop%2Cresize
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fde4574c599fc8118bb3854982864520f5f16dbabed1c81e17db1447f3ad772b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
vary
Accept
cf-cache-status
HIT
age
207351
cf-polished
qual=85, origFmt=jpeg, origSize=2866
last-modified
Fri, 05 Nov 2021 17:11:36 GMT
content-disposition
inline; filename="618565c80f635.webp"
content-length
2556
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"6b8acd8af835e3d07b350a84b736ad43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Sat, 12 Nov 2022 06:01:11 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ae2440a19ed71d2-LHR
cf-bgj
imgq:85,h2pri
6185a2b19aa6b.image.jpg
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/9/a4/9a4f0531-14da-51cf-9adb-6fe758741463/
4 KB
4 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/9/a4/9a4f0531-14da-51cf-9adb-6fe758741463/6185a2b19aa6b.image.jpg?crop=1763%2C992%2C0%2C91&resize=150%2C84&order=crop%2Cresize
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f587947c821c4a1853a05ace346f46f5a25a9e7bd0281e07def5761f319171a7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
625966
cf-polished
degrade=85, origSize=4660, status=webp_bigger
last-modified
Fri, 05 Nov 2021 21:31:30 GMT
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"611db88853f7fd569e1366347027be59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 05 Nov 2022 23:07:13 GMT
cache-control
public, max-age=31536000
cf-ray
6ae2440a29f971d2-LHR
cf-bgj
imgq:85,h2pri
6176deab69423.preview.png
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/9/35/9355bfcc-35b2-11ec-9a43-ef15195af415/
2 KB
2 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/9/35/9355bfcc-35b2-11ec-9a43-ef15195af415/6176deab69423.preview.png?crop=92%2C52%2C0%2C0&resize=92%2C52&order=crop%2Cresize
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a131907ab42a839bded683568aa84e084a257d3c8dcd2e1a6910dc62bdfdbf3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
vary
Accept
cf-cache-status
HIT
age
1677474
cf-polished
origFmt=png, origSize=2359
last-modified
Mon, 25 Oct 2021 16:43:23 GMT
content-disposition
inline; filename="6176deab69423.webp"
content-length
1876
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"52e791b4e7d7e399e0af1dac1175a001"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Tue, 25 Oct 2022 16:45:16 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6ae2440a2a0071d2-LHR
cf-bgj
imgq:85,h2pri
pubads_impl_2021111001.js
securepubads.g.doubleclick.net/gpt/
342 KB
115 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
10149e81621b3a46836cd42ffe55748208254e3054a3013cbd6dc6b9d593521d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
117754
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 09:34:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Nov 2021 18:22:32 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
233 B
648 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=gazette.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
5f0c2d0ba66ac4d035132fbdadedd07deaa020a5d3dd7c0ad338412373a25698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
136
x-xss-protection
0
expires
Sun, 14 Nov 2021 18:22:32 GMT
i.js
tag.bounceexchange.com/3610/
5 KB
2 KB
Script
General
Full URL
https://tag.bounceexchange.com/3610/i.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/iframebuster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
8a830c8889ca14a3c7517a30d0073dae7744841a5cb67e1f527acf8652b65469

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:19:47 GMT
content-encoding
gzip
server
fasthttp
age
165
etag
9ae64c811a8378
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
public,max-age=60
x-region
us-central1
timing-allow-origin
*
alt-svc
clear
content-length
1877
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=15743189&cs_it=b2&cv=3.8.0.210223&ns__t=1636914152103&ns_c=UTF-8&c7=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-al...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=15743189&cs_it=b2&cv=3.8.0.210223&ns__t=1636914152103&ns_c=UTF-8&c7=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-a...
64 B
327 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=15743189&cs_it=b2&cv=3.8.0.210223&ns__t=1636914152103&ns_c=UTF-8&c7=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&c8=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&c9=
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
13.35.253.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-42.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
_9eGPJ2xsi1aTgQEnSR9C5Tpjjl9a9t8oe59ejytWRsliymAKlioNw==

Redirect headers

date
Sun, 14 Nov 2021 18:22:32 GMT
via
1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=15743189&cs_it=b2&cv=3.8.0.210223&ns__t=1636914152103&ns_c=UTF-8&c7=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&c8=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&c9=
content-length
388
x-amz-cf-id
uMixYeUbS2Tg6V85UFf2Dw6xEb4Z7l29V9wscHPOkgb1xLGCJvry3g==
i
www.i.matheranalytics.com/
43 B
245 B
Image
General
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sec=News&prem=0&ptype=Article&hier=news%7Cus-world%7Cwex&auth=Asher%20Notheis%7CWashington%20Examiner&artpubt=1636902720&artid=b69f7617-d8a7-58f9-ad10-c636fd1b46de&tv=js-3.0.118&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=6&tid=9d733434-dd4f-46c7-a1d5-a6c8d1eb936c&pid=94f6fbb4-01a1-4536-b3f7-7d1b97ed9a90&dtm=1636914152164&qnm=_matherq&visible=1&tabid=863590bb-d811-42be-920f-ae724d4138f1&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&curl=https%3A%2F%2Fwww.washingtonexaminer.com%2Fnews%2Ffbi-email-system-hacked-send-fake-cyberattack-alerts%3Futm_source%3Dgazette.com%26utm_medium%3Dreferral%26utm_campaign%3Dcsg_news_feed&vp=1600x1200&ds=1973x5736&tofa=1636914152&vid=1&lvidt=1636914152&duid=1d675a9b4f9823b2&fp=2920491789&cid=ma96165&mrk=775313800&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYzNjkxNDE1MDg0NyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiI4OTUiLCJmZXRjaFMiOiIwIiwiZG9tYWluUyI6IjEiLCJkb21haW5FIjoiOSIsImNvbm5TIjoiOSIsImNvbm5FIjoiMTg5Iiwic3NsUyI6IjI2IiwicmVxdVMiOiIxODkiLCJyZXNwUyI6IjI4MiIsInJlc3BFIjoiNDMwIiwiZG9tTG9hZCI6IjI4NyJ9LCJrZXl3b3JkcyI6WyJuZXdzIiwidXMtd29ybGQiLCJ3ZXgiXSwiY2F0ZWdvcnkiOnsiY2F0ZWdvcmllcyI6W1sibmV3cyIsInVzLXdvcmxkIiwid2V4Il1dfX0
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.91.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-91-69.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:32 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1286
date
Sun, 14 Nov 2021 18:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20006
expires
Sun, 14 Nov 2021 20:01:06 GMT
gtm.js
www.googletagmanager.com/
93 KB
34 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e57b4791b1f505a38d73a505e91a467a6126593ae8a5d7b55acadd915a406ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
34786
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Nov 2021 18:22:32 GMT
conversion_async.js
www.googleadservices.com/pagead/
37 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MWWFD9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
7f0690cc7aa3e0a4f7ad0894766c1db5c291fb1d4840bfe4ab91cb393b77a608
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
14377
x-xss-protection
0
server
cafe
etag
16570183496300854077
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 14 Nov 2021 18:22:32 GMT
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45e728528526fb70bc96add20672847b6630ec4cf2751e1b3a40ac8ab0fed08a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
+jmh1gmEhxBie3g0xiHKVw==
cross-origin-resource-policy
cross-origin
expires
Sun, 14 Nov 2021 18:25:54 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
05RIGJG0acWxqm6fk3Ff1h7KnGuK9QkFACg05D4nwwMndQhjoyA/8RDUtEqXig1UlIINPkgquifudqpqsTnDug==
x-fb-trip-id
686109401
x-fb-content-md5
5d47dffeb1ca70738f043ac39846d461
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 14 Nov 2021 18:22:32 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"4b138813d945da97270322d0e63a01cd"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
jQeUCPesMrh4zjHk9rfGIQkgb3gC5g5b1tiyp3fj7eTEA+LtzBBAc449BRNeI41QQ7cFSJCitQs3t7MgUTQLmg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 14 Nov 2021 18:22:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
quant.js
secure.quantserve.com/
24 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:47 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sun, 21 Nov 2021 18:22:47 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/
4 KB
2 KB
Script
General
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MWWFD9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-112.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
17367306
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-C2
X-Amz-Cf-Id
kS9db5pDOLxYjHEofQ5oe9JMsdJ639UlmSApJO6a3LQJB8NSlk2Z0Q==
script.js
cdn.listrakbi.com/scripts/
64 KB
21 KB
Script
General
Full URL
https://cdn.listrakbi.com/scripts/script.js?m=NmDGOWlMfZSP&v=1
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.20.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-20-11.fra56.r.cloudfront.net
Software
cloudflare / ASP.NET
Resource Hash
61f12658f0c6570290cf6c47de28bac446360ce4c277d6e83d630a7f84ff2216

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:32 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
X-AspNet-Version
4.0.30319
X-ltk
11/8/2021 9:28:35 PM
X-Powered-By
ASP.NET
X-Cache
Hit from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection
keep-alive
Content-Length
20311
Last-Modified
Tue, 20 Jul 2021 16:22:33 GMT
Server
cloudflare
ETag
"CtrxttbT09f4yXGoUVM6iA=="
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
Cache-Control
public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop
FRA56-C2
Accept-Ranges
bytes
CF-RAY
6ab39bca4b1d695b-FRA
X-Amz-Cf-Id
lbpPxAZ5PpL4W2jGCEVAy5jzWVhpbjTSDEUCnlQfnhwXJ4h2s2_DRQ==
Expires
Sun, 14 Nov 2021 19:21:19 GMT
up_loader.1.1.0.js
js.adsrvr.org/
4 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MWWFD9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-65-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 03:50:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
52317
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
96IvsCogoOym_ZtTvFq_0sw5cYLKf8dYSlqyYB8Z8f5OpIdKMAhPzw==
gtm.js
www.googletagmanager.com/ Frame 1803
129 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5T8HXK8
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93adb8ebb8c076d224c5f2855cf76eea53ac94a94efc1a215ef10411587e42c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
44725
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Nov 2021 18:22:32 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ Frame 1803
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Requested by
Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://gazette.com/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3284161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10491
timing-allow-origin
*
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-e7d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RatSn4UgYQjx4eCI1S424HLoka%2BGTb1IyiJMZoaogFEM%2FRn5kjpqRGTkfWYQBv82yyVl6YdmCUpjPs1RBB2fHkXRZOLi1fsuvBklHgf1yU8rdo7b%2FFhKJpvXvOO6bkrcbFJvVMlud%2F65X9GPkKJBOWve"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ae2440e2f1b0f5a-MXP
expires
Fri, 04 Nov 2022 18:22:32 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 1803
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617, 617
age
17763537
cdn-cachedat
2021-04-23 04:15:31
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2c2f4ee12c680b28653bf96b6a97db1b
cf-ray
6ae2440e2cfe3745-MXP
cdn-requestcountrycode
EG
cdn-requestpullsuccess
True
slick.css
cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/ Frame 1803
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/slick.css
Requested by
Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1719338
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19148-FRA, cache-mxp6943-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6ae2440d1a525a43-MXP
slick-theme.css
cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/ Frame 1803
3 KB
991 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/gh/kenwheeler/slick@1.8.1/slick/slick-theme.css
Requested by
Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1719338
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19136-FRA, cache-mxp6981-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6ae2440d1a5b5a43-MXP
galleria.classic.min.css
cdnjs.cloudflare.com/ajax/libs/galleria/1.6.1/themes/classic/ Frame 1803
4 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/galleria/1.6.1/themes/classic/galleria.classic.min.css
Requested by
Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1518d6b3f4564b45fbfd24f6a4e4099535c383de532dbdcb26606f0aa565ba00
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4318249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
798
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e6c-113b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSNF5vgSlLPaQENQnWZTvbuJBhE6xPVtHf9u4Ri21SIbKboxS7RjSgZwZ84LMof%2FB34e1YVmmdMcb9PQ5PALRybuykq9oSNMMf1Z7LWgkUaF27XtVbwFAjDMXL5HLRWIvp8MZJIq46I7U%2FNxBg27sC4H"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ae2440d1c155a1f-MXP
expires
Fri, 04 Nov 2022 18:22:32 GMT
evvnt_discovery_plugin.css
discovery.evvnt.com/prd/current/ Frame 1803
119 KB
120 KB
Stylesheet
General
Full URL
https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin.css
Requested by
Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc7b85cfa9aabe6b00ca32b83db57d2d4fe47ac72811875182b929e48b1532cc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 05:21:46 GMT
via
1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 18:59:05 GMT
server
AmazonS3
age
46846
etag
"f5f0e2d13de0e1733c04d8ec22439511"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
121931
x-amz-cf-id
BqkK76DsGvxHGPY3mPMQn9VozjHrowKuonIhpn_A66ELvNd7WFY1XQ==
algoliasearch.min.js
cdn.jsdelivr.net/algoliasearch/3/ Frame 1803
68 KB
19 KB
Script
General
Full URL
https://cdn.jsdelivr.net/algoliasearch/3/algoliasearch.min.js
Requested by
Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4329ee5a90afd8ee0de17df581b8ababe5591352f8f0001e6e4698a74d6e5ce3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1719337
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19134-FRA, cache-mxp6950-MXP
timing-allow-origin
*
server
cloudflare
etag
W/"110a8-F5a5b5P9g0Kl193YFl3jb+Ewjig"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6ae2440d1a7f5a43-MXP
algoliasearch.helper.min.js
cdn.jsdelivr.net/algoliasearch.helper/2/ Frame 1803
125 KB
34 KB
Script
General
Full URL
https://cdn.jsdelivr.net/algoliasearch.helper/2/algoliasearch.helper.min.js
Requested by
Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45a44547bc03bf28eef08b155e355f497ca18ee852614d0dc602b91e20c64512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
31951
x-jsd-version
2.28.1
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19136-FRA, cache-mxp6948-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1f4ce-yhw0k44Hf5WfhCJOdgej62yDo+U"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6ae2440d1a815a43-MXP
respond.min.js
discovery.evvnt.com/prd/current/ Frame 1803
4 KB
5 KB
Script
General
Full URL
https://discovery.evvnt.com/prd/current/respond.min.js
Requested by
Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c23ef9aa4603538d4710afa4e29284a60ad8956a8b8ab76236def69c97c31a7e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 05:27:10 GMT
via
1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 18:59:05 GMT
server
AmazonS3
age
46673
etag
"a2684e9b8fa50d6d11c56a9ada068528"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
4592
x-amz-cf-id
8-kRor-sr0AWKt_aWOEsiGasAd8Mfyu3rwTLbDHHI8oECZBrRTAjVg==
evvnt_discovery_plugin_s.js
discovery.evvnt.com/prd/current/ Frame 1803
515 KB
515 KB
Script
General
Full URL
https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js
Requested by
Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35723694d7d1f70e33125469a3b45d97364d5f253f41d730cd2e598ef79da70d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 05:14:36 GMT
via
1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 18:59:05 GMT
server
AmazonS3
age
47317
etag
"361dfe48faf32bcab68638fce40d0885"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
526870
x-amz-cf-id
BFvIxUO9OIKr5rjZy-LUJMmYWk4VDS4XH-sjiKfwscTz80iHzsaVYA==
autocomplete.min.js
cdn.jsdelivr.net/autocomplete.js/0/ Frame 1803
56 KB
18 KB
Script
General
Full URL
https://cdn.jsdelivr.net/autocomplete.js/0/autocomplete.min.js
Requested by
Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3d06d1b1f501f2093b356eda8275778f948abbf611429866909e5589f12b46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
34459
x-jsd-version
0.38.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19158-FRA, cache-mxp6923-MXP
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"e0c6-Wydlv9X9np2D1152CwAVK3YT6Zc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6ae2440d1a865a43-MXP
aes.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ Frame 1803
13 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js
Requested by
Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
517325
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4256
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-3430"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6wj3FGkbZ5ewHPr78%2FUWZYHAXy2JlhZA7FJWJnad%2B9oqmf4%2BgTxL1Riay0sbC2F2WP82W30kGKPoor8uJGFV%2FZiXx2ZS5pI977jkTeXjNZSn144aQef2x0VcPX2fs7x7YtjlDZukK6ib7Of8xjG6yUz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ae2440d2c195a1f-MXP
expires
Fri, 04 Nov 2022 18:22:32 GMT
spinner.gif
discovery.evvnt.com/prd/current/ Frame 1803
3 KB
3 KB
Image
General
Full URL
https://discovery.evvnt.com/prd/current/spinner.gif
Requested by
Host: production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net
URL: https://production-evvnt-plugin-herokuapp-com.global.ssl.fastly.net/evvnt_discovery_plugin_s.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9333d900e7e2187b8df9db60653d79a67670d7456a2ebde2af3ac6c1849a50a7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 07:35:23 GMT
via
1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 18:59:05 GMT
server
AmazonS3
age
38864
etag
"827579418923b7362a4a947475ca22fe"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
3111
x-amz-cf-id
0Ak3S5wp6kfypREePzREtvHW6yTtatND8tY-3GzMy-Iu6H9CewOdSw==
/
gazette.com/tncms/search/mlt/
18 KB
7 KB
XHR
General
Full URL
https://gazette.com/tncms/search/mlt/?origin=b69f7617-d8a7-58f9-ad10-c636fd1b46de&app=editorial&preview=1&type=article%2Ccollection%2Cvideo%2Cyoutube
Requested by
Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.f1660ccf5d097410b8b72737d216878c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
585008da83950fc044e28b4756888e2957012c0b44935d1d1d3471a974977026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
last-modified
Sun, 14 Nov 2021 16:16:01 GMT
content-length
6380
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
x-vcache
MISS
x-frame-options
SAMEORIGIN
etag
W/39b506f447dcd072801adcf443ef0f74
vary
X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
content-type
application/json; charset=UTF-8
x-tncms
1.60.2; app5; 0.2s; 3.6M
cache-control
public, max-age=300
accept-ranges
bytes
x-robots-tag
noarchive
www-player-webp.css
www.youtube.com/s/player/8d287e4d/ Frame 2044
335 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/8d287e4d/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf0536a7ccecbfef8793cfc6a61b4454864a4197992ce5ddaa014b48f72bef9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 12:02:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
22784
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
47155
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 14 Nov 2022 12:02:48 GMT
loader-config.json
cdn.sbgsodufuosmmvsdf.info/prod/cosprings/
4 KB
2 KB
Fetch
General
Full URL
https://cdn.sbgsodufuosmmvsdf.info/prod/cosprings/loader-config.json
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/cosprings/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C71) /
Resource Hash
88d10338acc20bdb9c7baed8599034430d6d939168a270719721004ed71ce250

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
gzip
content-md5
Us5L/CKhmbusNHd29P0syA==
age
27623
x-cache
HIT
content-length
1258
x-ms-lease-status
unlocked
last-modified
Wed, 10 Nov 2021 09:08:04 GMT
server
ECAcc (mil/6C71)
etag
0x8D9A4299ADDC297
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e9b206cc-b01e-0056-1a44-d9ce0f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2044
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:18:33 GMT
x-content-type-options
nosniff
age
223439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 04:18:33 GMT
ijs_all_modules_30fca4eff5e5278f89dbef8bce7b6234.js
assets.bounceexchange.com/assets/smart-tag/versioned/
513 KB
122 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_30fca4eff5e5278f89dbef8bce7b6234.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/3610/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2bfdaf67e7fabf1e8503db98b3fa201342d42cf70d32defe96c676b142b34df6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 14:04:59 GMT
content-encoding
gzip
age
361053
x-guploader-uploadid
ADPycdu3MOIw_iBsulS5SSOwoa2mtRmC4ImWVhXm-gJEQNnhS3Pif3MgDuwsbcYZuJVPn9ypV8z98DhjyerO0EekOaI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
124376
last-modified
Wed, 10 Nov 2021 14:04:45 GMT
server
UploadServer
etag
"9c77d5ea4e51000568377edbf95578cb"
vary
Accept-Encoding
x-goog-hash
crc32c=B1z+TQ==, md5=nHfV6k5RAAVoN37b+VV4yw==
x-goog-generation
1636553085539882
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
124376
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 10 Nov 2022 14:04:59 GMT
integrator.js
adservice.google.co.uk/adsid/
107 B
424 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=gazette.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
424 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gazette.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
453 B
746 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1609428905649824&correlator=1542402365224704&output=ldjh&impl=fifs&eid=31063705%2C31063711%2C44754276%2C44742767%2C44753990&vrg=2021111001&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=5173%2CCS_Gazette%2Cgazette.com%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ists=1&eri=1&cust_params=browser%3DChrome%26k%3Dnews%252Cus-world%252Cwex%26page%3Dasset%252Carticle%252Capp-editorial&cookie_enabled=1&bc=31&abxe=1&lmt=1636906561&dt=1636914152516&dlt=1636914151134&idt=1312&frm=20&biw=1600&bih=1200&oid=2&adxs=800&adys=5487&adks=335286780&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1600x0&ga_vid=136574573.1636914153&ga_sid=1636914153&ga_hid=1650202400&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
06bdb5aad62e25545223054c328e29871553aeb52178a6ab5a9955ff441dc229
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
240
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gazette.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
118 KB
25 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1609428905649824&correlator=942387325821627&output=ldjh&impl=fifs&eid=31063705%2C31063711%2C44754276%2C44742767%2C44753990&vrg=2021111001&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=5173%2CCS_Gazette%2Cgazette.com%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=2x1%7C1x1%2C1170x90%7C970x90%7C728x90%7C970x250%2C463x1200%2C463x1200%2C940x30%2C300x250%7C300x600%2C1170x90%7C970x90%7C728x90&prev_scp=pos%3Dimpact-top%7Cpos%3Dbreakout-one%2C1%7Cpos%3Dleft%7Cpos%3Dright%7Cpos%3Dpencil%7Cpos%3Drectangle-one%2C1%7Cpos%3Dsticky-anchor&eri=1&cust_params=browser%3DChrome%26k%3Dnews%252Cus-world%252Cwex%26page%3Dasset%252Carticle%252Capp-editorial&cookie_enabled=1&bc=31&abxe=1&lmt=1636906561&dt=1636914152524&dlt=1636914151134&idt=1312&frm=20&biw=1600&bih=1200&oid=2&adxs=120%2C120%2C-373%2C1510%2C120%2C1180%2C215&adys=65%2C309%2C289%2C289%2C420%2C745%2C1110&adks=694233250%2C839907893%2C2013718963%2C2013718970%2C3352992270%2C2136645631%2C1911169261&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1360x1%7C1360x90%7C463x1200%7C463x1200%7C1360x30%7C300x250%7C1600x-1&msz=1360x1%7C1360x90%7C463x1200%7C463x1200%7C1360x30%7C300x250%7C1600x-1&ga_vid=136574573.1636914153&ga_sid=1636914153&ga_hid=1650202400&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C516&ohw=1600%2C1600%2C463%2C463%2C1600%2C1600%2C1600&btvi=0%7C0%7C0%7C0%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
526c1d5017e3763f769e1ad887784a5b962b480d180941d51c19b217ea71686f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
25741
x-xss-protection
0
google-lineitem-id
-2,5650199272,-2,-2,-2,5650857026,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,138343860989,-2,-2,-2,138344318617,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gazette.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B9C
6 KB
3 KB
Document
General
Full URL
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 14 Nov 2021 18:22:32 GMT
expires
Mon, 14 Nov 2022 18:22:32 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
clear
css
fonts.googleapis.com/ Frame 1803
3 KB
670 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
162a3eebb385684e99a8b624b77189f9b5c38cb51d1b814c1c3a84fc17c324a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discovery.evvnt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 18:09:37 GMT
server
ESF
date
Sun, 14 Nov 2021 18:22:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Nov 2021 18:22:32 GMT
publisher:getClientId
ampcid.google.com/v1/
3 B
333 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
clear
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gazette.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
www-embed-player.js
www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/ Frame 2044
207 KB
68 KB
Script
General
Full URL
https://www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e2b9aa4773b8f1dcb906a96a08954329b86b02c1179394f52c984efbcd6ec7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:50:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
1901
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
69543
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 14 Nov 2022 17:50:51 GMT
base.js
www.youtube.com/s/player/8d287e4d/player_ias.vflset/en_GB/ Frame 2044
2 MB
516 KB
Script
General
Full URL
https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/en_GB/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b38c02e10c1bdb5c6a27aaa7ca7e62ca4d1fe2285c5029bc91ffa9419be83bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
225962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
527649
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Nov 2022 03:36:30 GMT
fetch-polyfill.js
www.youtube.com/s/player/8d287e4d/fetch-polyfill.vflset/ Frame 2044
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/8d287e4d/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 06:47:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
41708
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
2830
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 14 Nov 2022 06:47:24 GMT
all.js
connect.facebook.net/en_US/
285 KB
82 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=3b0dfdba796404a975874f58f79a6d38
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7b73fe04f5f2c5d3bfd192f2fc3d3a3200e0bad319f8e7f730b0395131acef08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://gazette.com/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
EBgsfqF+WphffAwcrQrqGA==
cross-origin-resource-policy
cross-origin
expires
Mon, 14 Nov 2022 17:20:39 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82911
x-fb-rlafr
0
x-fb-debug
OiFioP+qglCVEjooigColhIDpJxLdQpIyhFXmi0c7U9/6O0S2xkHmhm0UWB6AnrleCNU/OjedpdP31tbgIYYcw==
x-fb-trip-id
686109401
x-fb-content-md5
9ba88553e390b041e0d76d7f70f7c989
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 14 Nov 2021 18:22:32 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"20c0172b7df13ec5ba6c866d9d847fec"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/799220490/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/799220490/?random=1636914152629&cv=9&fst=1636914152629&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tiba=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
720fc8162228d073f37bf4fe45f322f5eca29dbaa5fb48b570d8fd82d064855a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
clear
content-length
1108
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getIds
s1.listrakbi.com/NmDGOWlMfZSP/session/
175 B
1 KB
Script
General
Full URL
https://s1.listrakbi.com/NmDGOWlMfZSP/session/getIds?callback=ltkCallback8705&gsid=&_sid=&_tid=&ps=null&dps=true
Requested by
Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=NmDGOWlMfZSP&v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5a10fd839a65145a5b3be7cc4ef34261a95c1e6bde8588cf6ea9edd7c860f08a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache
cf-ray
6ae2440e7cf07566-LHR
expires
-1
579568528813796
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/579568528813796?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
898ccb5361ef7cef2af948b76319d4f079b652fe482803e8060122a38d9e4808
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
RtYP4RTQk/4tdqujAkJOz4/mySFFPdm3EiyqUj79tTs662orf23Dyr3jgWn8eBkQuHhi8tZWDoWl4dRIDTGJ1g==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 14 Nov 2021 18:22:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
156 KB
58 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
72058eaf777e91ce4a1bc7bd7aac7bb09633385e9fe4390e5c9b8cbe932abb3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
clear
content-length
59445
x-xss-protection
0
expires
Sun, 14 Nov 2021 18:22:32 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 1803
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 13:18:36 GMT
x-content-type-options
nosniff
age
363836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 10 Nov 2022 13:18:36 GMT
js
www.googletagmanager.com/gtag/ Frame 1803
163 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LM5S7ZWXZV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5T8HXK8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
95b73705c857138f4f803e5b4750f59198473b24bacc7e118c8753869a296de9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
clear
content-length
61718
x-xss-protection
0
expires
Sun, 14 Nov 2021 18:22:32 GMT
collect
stats.g.doubleclick.net/j/
1 B
311 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54716522-7&cid=136574573.1636914153&jid=2079021313&gjid=499237560&_gid=873651966.1636914153&_u=YChAgUABAAQCAE~&z=1882675243
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 14 Nov 2021 18:22:32 GMT
content-type
text/plain
access-control-allow-origin
https://gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1650202400&t=pageview&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ul=en-us&de=UTF-8&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCjACUABBAQCAG~&jid=1375110965&gjid=401832186&cid=136574573.1636914153&tid=UA-37551682-1&_gid=873651966.1636914153&_r=1&gtm=2wgba1MWWFD9&cd1=&cd2=false&cd3=3.155.03.155.0&cd4=editorial&cd5=flex-editorial&cd6=flex&cd8=453&cd9=https%3A%2F%2Fwww.washingtonexaminer.com%2Fnews%2Ffbi-email-system-hacked-send-fake-cyberattack-alerts%3Futm_source%3Dgazette.com%26utm_medium%3Dreferral%26utm_campaign%3Dcsg_news_feed&cd10=article&cd11=b69f7617-d8a7-58f9-ad10-c636fd1b46de&cd12=Asher%20Notheis%2C%20Washington%20Examiner&cd13=Asher%20Notheis%2C%20Washington%20Examiner&cd14=news%2Cus-world%2Cwex&cd20=MATHER_U2I_FIRSTTIME_20201101%2CMATHER_U2I_METER3_20201101&cd7=200&z=85293289
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
68 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1650202400&t=pageview&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ul=en-us&de=UTF-8&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCjACUABBAQCAG~&jid=1562506505&gjid=2027822250&cid=136574573.1636914153&tid=UA-37551682-4&_gid=873651966.1636914153&_r=1&gtm=2wgba1MWWFD9&cd1=MATHER_U2I_FIRSTTIME_20201101%2CMATHER_U2I_METER3_20201101&z=101662443
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1650202400&t=pageview&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&dp=%2Fnews%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ul=en-us&de=UTF-8&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAgUABAAQC~&jid=2079021313&gjid=499237560&cid=136574573.1636914153&tid=UA-54716522-7&_gid=873651966.1636914153&gtm=2wgba1PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=yes&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.washingtonexaminer.com%2Fnews%2Ffbi-email-system-hacked-send-fake-cyberattack-alerts%3Futm_source%3Dgazette.com%26utm_medium%3Dreferral%26utm_campaign%3Dcsg_news_feed&cd15=3.155.0&cd16=false&cd17=Page%20View&cd20=b69f7617-d8a7-58f9-ad10-c636fd1b46de&cm1=453&z=1181021743
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 13:17:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18318
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1650202400&t=pageview&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ul=en-us&de=UTF-8&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCjACUABBAQCAG~&jid=&gjid=&cid=136574573.1636914153&tid=UA-37551682-1&_gid=873651966.1636914153&gtm=2wgba1MWWFD9&cd1=&cd2=false&cd3=3.155.03.155.0&cd4=editorial&cd5=flex-editorial&cd6=flex&cd8=453&cd9=https%3A%2F%2Fwww.washingtonexaminer.com%2Fnews%2Ffbi-email-system-hacked-send-fake-cyberattack-alerts%3Futm_source%3Dgazette.com%26utm_medium%3Dreferral%26utm_campaign%3Dcsg_news_feed&cd10=article&cd11=b69f7617-d8a7-58f9-ad10-c636fd1b46de&cd12=Asher%20Notheis%2C%20Washington%20Examiner&cd13=Asher%20Notheis%2C%20Washington%20Examiner&cd14=news%2Cus-world%2Cwex&cd7=200&z=1910939438
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 13:17:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18318
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1650202400&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ul=en-us&de=UTF-8&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=tnt-pbm&ea=isPrivateBrowsingMode&el=false&_u=YCjACUABBAQCAG~&jid=&gjid=&cid=136574573.1636914153&tid=UA-37551682-1&_gid=873651966.1636914153&gtm=2wgba1MWWFD9&cd1=&cd2=false&cd3=3.155.03.155.0&cd4=editorial&cd5=flex-editorial&cd6=flex&cd8=453&cd9=https%3A%2F%2Fwww.washingtonexaminer.com%2Fnews%2Ffbi-email-system-hacked-send-fake-cyberattack-alerts%3Futm_source%3Dgazette.com%26utm_medium%3Dreferral%26utm_campaign%3Dcsg_news_feed&cd10=article&cd11=b69f7617-d8a7-58f9-ad10-c636fd1b46de&cd12=Asher%20Notheis%2C%20Washington%20Examiner&cd13=Asher%20Notheis%2C%20Washington%20Examiner&cd14=news%2Cus-world%2Cwex&cd7=200&z=286701054
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 13:17:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18318
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/cosprings/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C34) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Nov 2021 18:22:33 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1652
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (mil/6C34)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
73b022a3-101e-0049-2f80-d9aa9e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Sun, 14 Nov 2021 18:52:33 GMT
fp.min.js
fp-cdn.azureedge.net/prod/cosprings/
63 KB
21 KB
Script
General
Full URL
https://fp-cdn.azureedge.net/prod/cosprings/fp.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/cosprings/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C7D) /
Resource Hash
b1f09d70a07b150dab76b398a560e6b16366c1bbf3db50db3b7ecd70d491fd7f

Request headers

Referer
https://gazette.com/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Nov 2021 18:22:33 GMT
content-encoding
gzip
content-md5
MOToMk7S3Vvloh/fuHmSKw==
age
27580
x-cache
HIT
content-length
21104
x-ms-lease-status
unlocked
last-modified
Wed, 10 Nov 2021 09:01:07 GMT
server
ECAcc (mil/6C7D)
etag
0x8D9A428A2099112
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c9cf157d-001e-0126-3944-d9fb9e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
g2i.min.js
g2insights-cdn.azureedge.net/prod/cosprings/
1 MB
264 KB
Script
General
Full URL
https://g2insights-cdn.azureedge.net/prod/cosprings/g2i.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/cosprings/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C4F) /
Resource Hash
972b9c49d39f7dd1a2c03317d300c90db080ed76f0c058a9f5457761a675ae95

Request headers

Referer
https://gazette.com/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Nov 2021 18:22:33 GMT
content-encoding
gzip
content-md5
z9UvvDlXPDKZKSizBNvE/w==
age
25180
x-cache
HIT
content-length
269379
x-ms-lease-status
unlocked
last-modified
Wed, 10 Nov 2021 09:02:23 GMT
server
ECAcc (mil/6C4F)
etag
0x8D9A428CF4A3D3E
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5990ed0d-701e-004b-1649-d917e5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.js
cdn.ayc0zsm69431gfebd.xyz/prod/cosprings/
869 KB
203 KB
Script
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/cosprings/t8y9347t.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/cosprings/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CC5) /
Resource Hash
6a2668537efca0aab9631e71d4db3c9547b19d58ec2ef731845da31150c9bd9d

Request headers

Referer
https://gazette.com/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Nov 2021 18:22:33 GMT
content-encoding
gzip
content-md5
fL84//fFViFCiiGeaPIuSg==
age
25180
x-cache
HIT
content-length
207222
x-ms-lease-status
unlocked
last-modified
Wed, 10 Nov 2021 09:02:39 GMT
server
ECAcc (mil/6CC5)
etag
0x8D9A428D90557CA
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
863a163b-701e-0069-0649-d979d3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.css
cdn.ayc0zsm69431gfebd.xyz/prod/cosprings/
348 KB
35 KB
Stylesheet
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/cosprings/t8y9347t.min.css
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/cosprings/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C35) /
Resource Hash
c1577ba94752b8302f8a5518b1ccd8b21507a7da67cd613dc990e8fd10f8ab5e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Nov 2021 18:22:33 GMT
content-encoding
gzip
content-md5
HBagnSR9fGL2/9/2zSnVqw==
age
27579
x-cache
HIT
content-length
35356
x-ms-lease-status
unlocked
last-modified
Wed, 10 Nov 2021 09:02:39 GMT
server
ECAcc (mil/6C35)
etag
0x8D9A428D8FB9499
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
092e35a4-f01e-00d9-3b44-d98053000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame 1EDA
2 KB
1 KB
Document
General
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_30fca4eff5e5278f89dbef8bce7b6234.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

x-guploader-uploadid
ADPycdsyQZAR4dpI9tR6tki30z3JMky5qEpQvGypc5lzAS3JopcppVbVnNR49GA0CoXk0SHbNINndzhs9ecP4OUaJmOBs_u-1g
date
Tue, 26 Oct 2021 09:17:17 GMT
expires
Wed, 26 Oct 2022 09:17:17 GMT
last-modified
Mon, 25 Oct 2021 14:15:20 GMT
etag
"a292f6ab7772a1b30b3346788c37fd6d"
x-goog-generation
1635171319898846
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1055
content-type
text/html; charset=UTF-8
content-encoding
gzip
x-goog-hash
crc32c=LzcDzg== md5=opL2q3dyobMLM0Z4jDf9bQ==
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
vary
Accept-Encoding
content-length
1055
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
server
UploadServer
age
1674316
cache-control
public,max-age=31536000
alt-svc
clear
/
www.google.com/pagead/1p-user-list/799220490/
42 B
423 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/799220490/?random=1636914152629&cv=9&fst=1636912800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tiba=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&async=1&fmt=3&is_vtc=1&random=2059577758&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/799220490/
42 B
423 B
Image
General
Full URL
https://www.google.co.uk/pagead/1p-user-list/799220490/?random=1636914152629&cv=9&fst=1636912800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tiba=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&async=1&fmt=3&is_vtc=1&random=2059577758&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7131
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIUPdVEM0v6JH5OfCzFEvkYB3QdqujfzwIbEqrNnqPLhyEgUa1gpAA2FxfXujTxJqfEGtwBjvfVqJdncLm0vreFaqornNQgfxdUX4pxoN77Fa7XqCelwCJipTec5zKd_1fj1ehbfCAa04S6sHPEj3CmjK7HIk5EuJWTTbU8fd2ax_YGM2wicghI5NfWyE9U8Qz3-0l3eFwoXuTv5tV4BSMztgyYDpFDI1tYMN9dQMNk8mgrk8l3ekhAZevIyJg4OeuzaMh6geK-RIiO4Id0Ow4pdd4FV7W8-H9gRw1UTaPIMZnbalsWR5wirHUdvwobo6cxg&sai=AMfl-YTBPCMZKQ1Wt7DA2zU9B4Xi-68zSbFlE7nrGaYS9jquM0MNhgXyAWyxaiiBiZlH-kZXgcJWuNsipw9J8g8QkivNKqOaiCMkD9j3-9Y_au1B4mqB0DJLJGwiOlyG2ms&sig=Cg0ArKJSzJAen7fTBkawEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 14 Nov 2021 18:22:33 GMT
index.js
cdn1.opstag.com/13875/ Frame 7131
13 KB
5 KB
Script
General
Full URL
https://cdn1.opstag.com/13875/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.69.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-69-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e101756b8300a36e3506c8af0c28686b7683497a12d3351e67bc7beef1cebd1d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 10:43:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"be7b7b5ee5982e41c5732b67cdf76b7a"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4998
x-amz-cf-id
UJgCOiuSMO8A9dz5BhxvPyzLA2oX4KmMy9yx2LC4DGJKVey-r-pXUw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7131
119 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Nov 2021 18:22:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 09C3
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskqw9WriP1aHJy1io0NxXBUG0OYPaGT1-iyvzXBTjsHg1Cv8ugPIXNBH0qo2QntuUqRyRhx_XqZ-DQa-yZwzpgNFVPzvbAq8isXm8b6_UdS3JzlNaOJGvPfnu5YwSPbwq4OqZ4D0YMLpb3nrrHqIvJwIuxu63Mo9ejGyPNloQPiU2eqb68plkrYxpsqyY5cnerB46ni4AFNbwp9LBaVGwIqt4iMpvWupytwNN899R7mANvWmiSl1DwNskCLZutvF_0qCrGfUDSlP39UCedq4FH9VHuD3OlxLIW9-czPuq_Ycyt5IvtkXz4SDl0suNY76a5pw&sai=AMfl-YTf_Gg8hWtIjipVsRYaM0S-gYM56pz08o92ssE61TdS-QRLlSnh0Psf4Wqs-wUyYbr5aGjhuIS5EC_iu2gtlFg08LN0DSxnZQ-rI2NBv_JEXqM0imgJ-VDaKQO3V-k&sig=Cg0ArKJSzBqxcCMjt7j9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 14 Nov 2021 18:22:33 GMT
index.js
cdn1.opstag.com/13877/ Frame 09C3
13 KB
5 KB
Script
General
Full URL
https://cdn1.opstag.com/13877/index.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.69.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-69-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f62a6ac633464aa38885e3bc5c49c6fc766fdd9a00e886e16a231a995dd3ec78

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:29:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"21634ca889533b12eaecee183c7239bc"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4994
x-amz-cf-id
b6669dHs2ERZquutT3zz8xL7zrcJ6trtNHFNQNlOoOGabxCNjwfDvA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 09C3
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Nov 2021 18:22:33 GMT
collect
stats.g.doubleclick.net/j/
7 B
75 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-37551682-1&cid=136574573.1636914153&jid=1375110965&gjid=401832186&_gid=873651966.1636914153&_u=YCjACUABBAQCAG~&z=682127837
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 14 Nov 2021 18:22:33 GMT
content-type
text/plain
access-control-allow-origin
https://gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 2044
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
230 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
Protocol
H2
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
958e43d2f757b0c46613b1281f0937eab4ba55d88c0c2ccfc4fdaf388d438495
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 14 Nov 2021 18:22:33 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 2044
29 B
463 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:13:00 GMT
x-content-type-options
nosniff
age
573
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Nov 2021 18:28:00 GMT
publisher_settings
evvnt-api.global.ssl.fastly.net/publishers/gazette.com/ Frame 1803
5 KB
2 KB
XHR
General
Full URL
https://evvnt-api.global.ssl.fastly.net/publishers/gazette.com/publisher_settings?api_key=
Requested by
Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
bd48714c6c43530858630488f5c2d5326959c4c0f5374c8d2aaaf04c428874e3
Security Headers
Name Value
Strict-Transport-Security max-age=31535000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31535000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
483
Via
1.1 vegur, 1.1 varnish
X-Cache
HIT
Connection
keep-alive
Vary
Accept-Encoding, Origin
Content-Length
1204
X-Xss-Protection
1; mode=block
X-Request-Id
29b79fc4-1c13-4b57-866b-be2592a8ca00
X-Served-By
cache-lcy19223-LCY
X-Runtime
0.016626
Server
Cowboy
X-Timer
S1636914153.274045,VS0,VE1
X-Frame-Options
SAMEORIGIN
Date
Sun, 14 Nov 2021 18:22:33 GMT
Access-Control-Max-Age
7200
Access-Control-Allow-Methods
GET, POST, PUT, OPTIONS, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Pagination-Current, X-Pagination-Pages, X-Pagination-Total
Cache-Control
max-age=600, public
Etag
W/"bd48714c6c43530858630488f5c2d532"
Accept-Ranges
bytes
X-Cache-Hits
1
container.html
547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2151
6 KB
3 KB
Document
General
Full URL
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 14 Nov 2021 18:22:32 GMT
expires
Mon, 14 Nov 2022 18:22:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
clear
collect
www.google-analytics.com/g/ Frame 1803
0
56 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-LM5S7ZWXZV&gtm=2oeba1&_p=1503855737&sr=1600x1200&ul=en-us&cid=136574573.1636914153&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&dt=Evvnt%20Discovery%20Plugin&sid=1636914152&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LM5S7ZWXZV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-37551682-1&cid=136574573.1636914153&jid=1375110965&_u=YCjACUABBAQCAG~&z=1887701919
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
107 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-37551682-1&cid=136574573.1636914153&jid=1375110965&_u=YCjACUABBAQCAG~&z=1887701919
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
remote.js
www.youtube.com/s/player/8d287e4d/player_ias.vflset/en_GB/ Frame 2044
93 KB
29 KB
Script
General
Full URL
https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/en_GB/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854175efc6b3954fa1de475147e7327a0a16462000f927ddb602b07e38410dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 03:36:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
225962
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
29691
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Nov 2022 03:36:31 GMT
xP0-M-T20NOk-COIrdoYtlIgpF7MlgrVZ6LBtbxion4.js
www.google.com/js/th/ Frame 2044
35 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/xP0-M-T20NOk-COIrdoYtlIgpF7MlgrVZ6LBtbxion4.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4fd3e33e4f6d0d3a4f82388adda18b65220a45ecc960ad567a2c1b5bc62a27e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
1506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13555
x-xss-protection
0
last-modified
Fri, 29 Oct 2021 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Nov 2022 17:57:27 GMT
embed.js
www.youtube.com/s/player/8d287e4d/player_ias.vflset/en_GB/ Frame 2044
24 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/en_GB/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7ca1fe25659ef7f833861cd28cc5ed61b84be92d0be3fb8874501dae3ddb51d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 04:18:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
223458
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
7319
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 18:33:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 12 Nov 2022 04:18:15 GMT
truncated
/ Frame 2044
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
AKedOLTI8t8uGy46FsK-C12Vu8GgYe_yf4EeRDr_LN5DhA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2044
2 KB
2 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AKedOLTI8t8uGy46FsK-C12Vu8GgYe_yf4EeRDr_LN5DhA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ece44dc6496984202d84031912f2fe617b856559578750f3735818a0ad5b7129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:02:21 GMT
x-content-type-options
nosniff
age
4812
content-disposition
inline;filename="unnamed.jpg"
alt-svc
clear
content-length
2144
x-xss-protection
0
server
fife
etag
"ve2"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 23 Oct 2021 01:43:49 GMT
hqdefault.webp
i.ytimg.com/vi_webp/mSwcQI-V81w/ Frame 2044
36 KB
37 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/mSwcQI-V81w/hqdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39830ef676dbbc8f2ff515799bd3fac78ebc326019303c8c8170b82d9443327b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:33 GMT
x-content-type-options
nosniff
age
0
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
36992
x-xss-protection
0
server
sffe
etag
"1636661779"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=300
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 14 Nov 2021 18:27:33 GMT
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NFTGWT90ER&gtm=2oeba1&_p=1650202400&sr=1600x1200&ul=en-us&cid=136574573.1636914153&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sid=1636914152&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.application=editorial&ep.theme=flex&ep.asset_id=b69f7617-d8a7-58f9-ad10-c636fd1b46de&ep.skin_name=flex-editorial&ep.skin_version=3.155.0&ep.subscription_required=false&epn.blox_render_time=453&up.logged_in=No
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
evvnt-plugin-proxy.global.ssl.fastly.net/ Frame 1803
840 B
1 KB
XHR
General
Full URL
https://evvnt-plugin-proxy.global.ssl.fastly.net/?publisher_id=9192&api_key=GAZETTE&facet_filters=%5B%22featured_publisher_ids%3A9192%22%2C%22blacklisted_publisher_ids%3A-9192%22%2C%5B%22editorial_tools_publisher_ids_filter%3A9192%22%2C%22editorial_tools_publisher_ids_filter%3Abackfill%22%5D%5D&hits_per_page=3&page=0&include_in_progress=true&catchments_hash=1522123344
Requested by
Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
8b9f6cd56af0864013f73c68bc3b5e57d60cce01cb8a16f42747ab1257d57218
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:33 GMT
Via
1.1 vegur, 1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Age
3597
X-Cache
HIT, HIT
Connection
keep-alive
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Length
400
X-Served-By
cache-dca17778-DCA, cache-lcy19231-LCY
Server
Cowboy
X-Timer
S1636914154.528503,VS0,VE1
Strict-Transport-Security
max-age=300
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3641, stale-while-revalidate=60, stale-if-error=43200
Accept-Ranges
bytes
X-Cache-Hits
1, 1
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 1803
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:33 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 718
age
3983320
cdn-cachedat
2021-08-02 20:43:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5d66857d64f6cc3d596a3c0df0ecd591
accept-ranges
bytes
cf-ray
6ae244145886e903-MXP
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 1803
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 06:44:42 GMT
x-content-type-options
nosniff
age
214671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 06:44:42 GMT
/
www.facebook.com/tr/
44 B
295 B
Image
General
Full URL
https://www.facebook.com/tr/?id=579568528813796&ev=PageView&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&rl=&if=false&ts=1636914153497&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636914153495.1670676047&it=1636914152653&coo=false&exp=p1&rqm=GET
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Sun, 14 Nov 2021 18:22:33 GMT
i
www.i.matheranalytics.com/
43 B
245 B
Image
General
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTY1MDE5OTI3MiIsImVidXkiOiIyMTA5ODE3NjM5IiwiZWFkdiI6IjQ0MTIxMTU5ODIiLCJlY2lkIjoiMTM4MzQzODYwOTg5IiwiZWVudiI6ImoiLCJlcGlkIjoiMTAzMjExNzQwIiwiZXNpZCI6IjEwMDE0NjgyMCJ9&tv=js-3.0.118&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=6&tid=22e63a40-a8eb-4aad-bb2c-4cc1a3dd6f64&pid=94f6fbb4-01a1-4536-b3f7-7d1b97ed9a90&dtm=1636914153553&qnm=_matherq&visible=1&tabid=863590bb-d811-42be-920f-ae724d4138f1&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&curl=https%3A%2F%2Fwww.washingtonexaminer.com%2Fnews%2Ffbi-email-system-hacked-send-fake-cyberattack-alerts%3Futm_source%3Dgazette.com%26utm_medium%3Dreferral%26utm_campaign%3Dcsg_news_feed&vp=1600x1200&ds=1973x6161&tofa=1636914152&vid=1&lvidt=1636914152&duid=1d675a9b4f9823b2&fp=2920491789&cid=ma96165&mrk=775313800
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.91.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-91-69.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:33 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
truncated
/ Frame 7131
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5113e7c222f6561582416fca2c0f323667f21b968a90db36b7acafca699a2900

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 09C3
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07a2a7eb634050498cfe5ba3892d940c5ce3dea7f5f947df66b764cd569d818f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
/
evvnt-plugin-proxy.global.ssl.fastly.net/ Frame 1803
340 KB
28 KB
XHR
General
Full URL
https://evvnt-plugin-proxy.global.ssl.fastly.net/?publisher_id=9192&api_key=GAZETTE&facet_filters=%5B%22country.iso_code%3AUS%22%2C%22blacklisted_publisher_ids%3A-9192%22%2C%5B%22sources%3Ageotix%22%2C%22sources%3Agoldstar%22%2C%22sources%3Aticketmaster%22%2C%22sources%3Aactive_network%22%5D%2C%5B%22editorial_tools_publisher_ids_filter%3A9192%22%2C%22editorial_tools_publisher_ids_filter%3Abackfill%22%5D%5D&hits_per_page=80&page=0&include_in_progress=false&catchments_hash=1522123344
Requested by
Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/current/evvnt_discovery_plugin_s.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
8a45cd1c8fe006ffd96b841654ab7f729b1e4524988753630fef8920010fd3f4
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:33 GMT
Via
1.1 vegur, 1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Age
533
X-Cache
HIT, HIT
Connection
keep-alive
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Length
28216
X-Served-By
cache-dca17781-DCA, cache-lcy19231-LCY
Server
Cowboy
X-Timer
S1636914154.603079,VS0,VE2
Strict-Transport-Security
max-age=300
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3769, stale-while-revalidate=60, stale-if-error=43200
Accept-Ranges
bytes
X-Cache-Hits
1, 1
05bb46b82d1d2bf4ab0b6db8ff47e7f4.js
www.gstatic.com/mysidia/ Frame 2151
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/05bb46b82d1d2bf4ab0b6db8ff47e7f4.js?tag=pingback
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f484f11c123bfcec431cff1be48303a3f303e5a394f15f5767e667f53242ed8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 09:44:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31077
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
4964
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 03:19:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 12 Feb 2022 09:44:36 GMT
css
fonts.googleapis.com/ Frame 2151
4 KB
713 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 16:23:40 GMT
server
ESF
date
Sun, 14 Nov 2021 18:22:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Nov 2021 18:22:33 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 2151
1 KB
959 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Nov 2021 18:20:46 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 2151
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
7882
x-xss-protection
0
server
cafe
etag
2787528384799239804
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Nov 2021 18:18:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 2151
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Nov 2021 18:20:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2151
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Nov 2021 18:22:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 2151
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
6461
x-xss-protection
0
server
cafe
etag
16025856826866802794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Nov 2021 18:21:28 GMT
l
www.google.com/ads/measurement/ Frame 2151
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqmBk3SammjcJuUBM1N1_kP90HaRNvD6xJ3yiwh8n9-l_eqfg2F5384EQH6Wm-hSFUAs8k
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

c5d443f94f59031b290788a54ae3dbc2.js
www.gstatic.com/mysidia/ Frame 2151
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 09:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
11508
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 03:19:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 10 Feb 2022 09:00:33 GMT
init1.js
api.bounceexchange.com/bounce/
30 KB
6 KB
Script
General
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYBmQgTnwBZ8BWYgdgc2AC8QoAGTAdwFMAjHKmC8A+qgAmUUvi4AnXjhAAbOGgwFCHDgA98AJm2YFMXnIVyo2AIbLlqBAHNRcOcqgALYMAAOOAKTEAIL++gBioWGO1iy83rwAdEggALaRCLzcAeEw-KgAtLwp1qjK+TgAnjgiKfke1kgA1rwS+aDlvAitMNbN+UgV-GbW3g2N+bZmwNlh1nJoSMpi-OQw9IT49PkSABzWWzQ7MGQTErL9JIQwZ-yUhBKJXinKmABuqELAoskgjai8UH89AAQqF9MofGDAiF9PovL5snQYTRwqEUVEYnERElUmjwhksniwrkCkUSmVKtUinUxi02iAOl18j0+gMhnIRsAxhMlvNEeE5gslqIVmQ1hstrt9vlDsdTuckJdrvhbvdHsBnlD9ABhMFyKHBLX6IEAEWwIF+-0BINNbzmOAA2j5rI4xMAKj5eABdKCC1CLXh2uSO94PECid5CfhLH09ZQ4QOve0OnBwQRIOSoIaiFIgCS2WO2BNBx2p9OZ7O5-PKHMgPLCmAWkRyQvxwM-P5ui2iZRzV2wIuB-g+TiYOIjh0AIj9AcnABpJ0gRrxHCA5BV55PonYzBuFx5UrxNwm5kgPJvQ7wQJOvZgfNNffN-UtzSkfPZrMgxDBe44oEA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_30fca4eff5e5278f89dbef8bce7b6234.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
53242c6a583591240cc6377a2c01dcc1510f97933f5ee4adb17f04df53a15f99

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:33 GMT
content-encoding
gzip
last-modified
Sun, 14 Nov 2021 18:22:33 GMT
server
istio-envoy
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
28
content-type
text/javascript;charset=UTF-8
alt-svc
clear
via
1.1 google
expires
0
i
www.i.matheranalytics.com/
43 B
245 B
Image
General
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTY1MDg1NzAyNiIsImVidXkiOiIyMTA5ODE3NjM5IiwiZWFkdiI6IjQ0MTIxMTU5ODIiLCJlY2lkIjoiMTM4MzQ0MzE4NjE3IiwiZWVudiI6ImoiLCJlcGlkIjoiMTAzMjExNzQwIiwiZXNpZCI6IjEwMDE0NjgyMCJ9&tv=js-3.0.118&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=6&tid=1841bcbc-77c5-4110-a695-582615d54cac&pid=94f6fbb4-01a1-4536-b3f7-7d1b97ed9a90&dtm=1636914153579&qnm=_matherq&visible=1&tabid=863590bb-d811-42be-920f-ae724d4138f1&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&curl=https%3A%2F%2Fwww.washingtonexaminer.com%2Fnews%2Ffbi-email-system-hacked-send-fake-cyberattack-alerts%3Futm_source%3Dgazette.com%26utm_medium%3Dreferral%26utm_campaign%3Dcsg_news_feed&vp=1600x1200&ds=1973x6161&tofa=1636914152&vid=1&lvidt=1636914152&duid=1d675a9b4f9823b2&fp=2920491789&cid=ma96165&mrk=775313800
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.91.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-91-69.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:33 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
generate_204
www.youtube.com/ Frame 2044
0
39 B
Image
General
Full URL
https://www.youtube.com/generate_204?Qspvfg
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:33 GMT
alt-svc
clear
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 2044
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Nov 2021 18:22:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7131
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssWwpYpqCHCR0IGIIQ8Voa8c0zHjJiqD0Ahq_H1DpT18imrcfJMSs46jiN_4bnFAfNDlUoGdUhPZe8gqivlpo64955CepnKC29D-t_bS67YSVAhxsooc2R541A_0SaOo8ZrnM0IlrFH_gdOemPbbCGHE_undh031zeaxTyilGOllhc6-ckGNJL1_WUrTw57mOpWDy5iipZS2OAk69n9ci_zBzuMUOjdDo608YIvFjlELjr86GxH2tri6ofMevujd8jU9g7FRy185ROWxJ0qPnhEoOXY9QSlu5Co0FqlcRl1rm0e7RZmYIWHeeGkWNuqNVYDNe5&sai=AMfl-YQKmib5g4VlII_e878DdDm-1ef7OVjpTgkrX6Rj0i3FBPGzdW0dnhDl2utd6b86UXbXZKij0V2IMJRNHBTx48g-fV1M2qIbszP4SH1unK_ONfqLB1BzcpCz6nfkXoY&sig=Cg0ArKJSzJuTHmmJ41A7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 14 Nov 2021 18:22:33 GMT
prebid.js
cdn1.opstag.com/13875/ Frame 12AD
311 KB
96 KB
Script
General
Full URL
https://cdn1.opstag.com/13875/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.69.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-69-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0f9ad02227ffa5dcf362960b19b2c11db329033e6821d1c988754a60d404c73

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 10:43:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"b25f41683c9deee1444f5b3f381daa0c"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
97495
x-amz-cf-id
i8SIFV9G2kATB_VQRiRMNWHGT6fLjOLLmV6_A7UlaZAkmHN7ZaNojg==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame 12AD
166 KB
54 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
64bff75a60c41b34a4deb9ce811a1e48a1b17bc3d3624715354764f6ae57cb63

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:51:44 GMT
server
Apache/2.2.15 (CentOS)
etag
"1421bfb-2987a-5cd3bc6b497d9"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=22617
accept-ranges
bytes
content-type
text/javascript
content-length
54629
expires
Mon, 15 Nov 2021 00:39:31 GMT
config.js
confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/ Frame 12AD
57 KB
14 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
149f318a7105d32c890b485ec0486bdbde246eeee2162165abf15b6f651335a0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:33 GMT
Content-Encoding
gzip
Age
1764
X-Cache
HIT
Connection
keep-alive
Content-Length
13684
x-amz-id-2
Z/dA6XH8m0H/nOpI6fK+PNN3CMpDdPHwCw4TVIy7OJJ9CZ8HQ/mCrVd2ylrCC9Y2yCRPLY6igL4=
X-Served-By
cache-lcy19252-LCY
Last-Modified
Sun, 14 Nov 2021 17:31:43 GMT
Server
AmazonS3
X-Timer
S1636914154.979299,VS0,VE1
ETag
"773de9f987a3488556f9f92faeb67172"
x-amz-request-id
QZAF0CQXPKAAFN40
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
1
placement.js
cdn1.opstag.com/13875/ Frame 12AD
21 KB
7 KB
Script
General
Full URL
https://cdn1.opstag.com/13875/placement.js?cb=1636914153926
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.69.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-69-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c415c94b126475dd77cff0a01552daab645e017edb1f7ef364b56c87ff7a4e62

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 10:43:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"d7e96f37446bb8cb23e1163cd625d8fb"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
6717
x-amz-cf-id
zpIxPxEl2ObfcxOwNR1vIK-sg_ka1PIgE-fxA-4dnPqNwXZrSAffeA==
ad
pubads.g.doubleclick.net/gampad/ Frame 7131
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/Colorado_Springs_Gazette/gazette-13875-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5625126871
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/Colorado_Springs_Gazette/gazette-13875-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5625126871&pre=1
42 B
112 B
Image
General
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/Colorado_Springs_Gazette/gazette-13875-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5625126871&pre=1
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:33 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/Colorado_Springs_Gazette/gazette-13875-728x90-activefill-desktop-pixel&sz=1x1&t=&c=5625126871&pre=1
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 09C3
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-Qs45w5qeWW3rSCrO3cekasRZ3P1uecNlJn5f6xI3p09_dG1rvCJbhUaccLYQQ473phgBdc7dZTgeQEyDqMlcqFeMcXmR_VlWGO46jva8JWEqU_CISu7IN9TdH4C9axtAws9mSOdAzpZHxgPsuY1uZnkC6hybsFU0m4cGPtth4MfUgvfhme-n-ea6IEv07BfJN_w-4n5vXLQlSolipVi6fkYvrD_D4MA6MHI0VX9-NrdbwCeO_ZnUKralqLi0Wxf_-QROSZRk2IBnwcbEjfhZ9c6O_uhh2AvsjqHg0sTO_UMxqwSxyeVYkrK4PC6qwSXPvCRS&sai=AMfl-YSC_V-ur3W1Uk2PW0Fiijr3OvRIA9gmvfW6cTi61_LJQHXoBRnwh1sMATPD3JWf71tLT7_7HuiVb0oleV8NFZp-vf0dUp2PhAf70GCPY23NgH6Al3mvqRN0iONrFVo&sig=Cg0ArKJSzGMAtf3y_dRQEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 14 Nov 2021 18:22:33 GMT
f9bdfe96-269d-4ca0-968b-f487f5ff5d6c_106021_CUSTOM.jpg
s1.ticketm.net/dam/c/d6c/ Frame 1803
12 KB
12 KB
Image
General
Full URL
https://s1.ticketm.net/dam/c/d6c/f9bdfe96-269d-4ca0-968b-f487f5ff5d6c_106021_CUSTOM.jpg
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.87 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d4fd2a2e348b54f827e691e132bb210be2f53074f0ec2b48b796aead26e488f
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
via
1.1 varnish, 1.1 varnish
age
694014
x-cache
HIT, HIT
fastly-io-info
ifsz=19383 idim=305x225 ifmt=jpeg ofsz=12196 odim=305x225 ofmt=jpeg
fastly-stats
io=1
content-encoding
br
x-amz-request-id
FXSKEXF3M1CHAMTD
x-amz-id-2
/g2RIR2WuuBJDQYx90RkqTUs6vFxXhabIrWzSyeP6aWet30NxOeS0i7+2BhLBZGqCu3R2TdRCvU=
x-served-by
cache-bwi5120-BWI, cache-lcy19231-LCY
server
AmazonS3
x-timer
S1636914154.050613,VS0,VE1
etag
"UADSpE1/vWI7wZTpDRxTiZpofNPPmFiZSAClDb3nSD0"
vary
Accept-Encoding
strict-transport-security
max-age=300
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
none
x-cache-hits
1, 1
295830.jpg
s1.ticketm.net/img/tat/cft1/201309/20/ Frame 1803
43 B
255 B
Image
General
Full URL
https://s1.ticketm.net/img/tat/cft1/201309/20/295830.jpg
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.87 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-error
invalid status
age
0
x-cache
MISS, MISS
fastly-stats
io=1
content-length
43
x-served-by
cache-sna10728-LGB, cache-lcy19231-LCY
last-modified
Tue, 10 Nov 2009 03:47:24 GMT
server
Apache
x-timer
S1636914154.050992,VS0,VE183
etag
"2b-477fc2b12b606"
vary
Accept-Encoding
strict-transport-security
max-age=300
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
0, 0
bb19de81-09ef-4b8b-972e-7f4128e9c512_1537531_CUSTOM.jpg
s1.ticketm.net/dam/a/512/ Frame 1803
14 KB
14 KB
Image
General
Full URL
https://s1.ticketm.net/dam/a/512/bb19de81-09ef-4b8b-972e-7f4128e9c512_1537531_CUSTOM.jpg
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.87 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e179d6a8773780564d39e57d353f10a65571608ca906261df97625f6427835b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
via
1.1 varnish, 1.1 varnish
age
842637
x-cache
HIT, HIT
fastly-io-info
ifsz=21911 idim=305x225 ifmt=jpeg ofsz=14310 odim=305x225 ofmt=jpeg
x-amz-meta-content-type
image/jpeg
fastly-stats
io=1
content-encoding
br
x-amz-request-id
G8W6R3SB3EPWZC95
x-amz-id-2
cnraBObuErqmSIq6AMYa+iD+9WD+0pi/5HCydtCUSPe2oGQnOKVzM4XV63sOYfJkr80xDjJv7Fk=
fastly-io-warning
Failed to apply profile
x-served-by
cache-bwi5169-BWI, cache-lcy19231-LCY
server
AmazonS3
x-timer
S1636914154.051122,VS0,VE1
etag
"MeIieAZy/+HquXbE9HRc3/c6pvLR3tmsNrVFU7yf/3M"
vary
Accept-Encoding
strict-transport-security
max-age=300
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
none
x-cache-hits
1, 1
powered_by_evvnt.png
discovery.evvnt.com/prd/current/ Frame 1803
1 KB
1 KB
Image
General
Full URL
https://discovery.evvnt.com/prd/current/powered_by_evvnt.png
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa3b0b0b923bac2349785995c9658d67ebd1b17fcf15f250ad3caea606c488fe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 07:01:42 GMT
via
1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 18:59:05 GMT
server
AmazonS3
age
41127
etag
"75b50d165228a4223db525417fd3d99f"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
1056
x-amz-cf-id
8tX5UhBlPdiENcjl76tEOIV_ojUuOXAZntgE0zU95pvrtZ87xk_ExQ==
prebid.js
cdn1.opstag.com/13877/ Frame BC3D
311 KB
96 KB
Script
General
Full URL
https://cdn1.opstag.com/13877/prebid.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.69.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-69-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0f9ad02227ffa5dcf362960b19b2c11db329033e6821d1c988754a60d404c73

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:29:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"b25f41683c9deee1444f5b3f381daa0c"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
97495
x-amz-cf-id
I09eUfajJd5z0jVZzv8IwpWg9uFsXBs2pSYfDzE6lxX3e0UXUdvdBA==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157898/3581/ Frame BC3D
166 KB
54 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
64bff75a60c41b34a4deb9ce811a1e48a1b17bc3d3624715354764f6ae57cb63

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:51:44 GMT
server
Apache/2.2.15 (CentOS)
etag
"1421bfb-2987a-5cd3bc6b497d9"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=22617
accept-ranges
bytes
content-type
text/javascript
content-length
54629
expires
Mon, 15 Nov 2021 00:39:31 GMT
config.js
confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/ Frame BC3D
57 KB
14 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
149f318a7105d32c890b485ec0486bdbde246eeee2162165abf15b6f651335a0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:34 GMT
Content-Encoding
gzip
Age
1764
X-Cache
HIT
Connection
keep-alive
Content-Length
13684
x-amz-id-2
Z/dA6XH8m0H/nOpI6fK+PNN3CMpDdPHwCw4TVIy7OJJ9CZ8HQ/mCrVd2ylrCC9Y2yCRPLY6igL4=
X-Served-By
cache-lcy19252-LCY
Last-Modified
Sun, 14 Nov 2021 17:31:43 GMT
Server
AmazonS3
X-Timer
S1636914154.045688,VS0,VE0
ETag
"773de9f987a3488556f9f92faeb67172"
x-amz-request-id
QZAF0CQXPKAAFN40
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
2
placement.js
cdn1.opstag.com/13877/ Frame BC3D
21 KB
7 KB
Script
General
Full URL
https://cdn1.opstag.com/13877/placement.js?cb=1636914154041
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.69.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-69-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee67530b6f73362229e2ac935805411af4a12feffdadc736cec1bf3f9da25f8d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 11:29:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"afc6c9d20e479bdf23a3c998661417df"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
6714
x-amz-cf-id
XHZLcx_hQAzUbZcG8XDyEVovkjF83eV67zsiGc80UmMFrkuc6aJxoA==
ad
pubads.g.doubleclick.net/gampad/ Frame 09C3
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/Colorado_Springs_Gazette/gazette-13877-300x250-activefill-desktop-pixel&sz=1x1&t=&c=5625127375
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/Colorado_Springs_Gazette/gazette-13877-300x250-activefill-desktop-pixel&sz=1x1&t=&c=5625127375&pre=1
42 B
109 B
Image
General
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/Colorado_Springs_Gazette/gazette-13877-300x250-activefill-desktop-pixel&sz=1x1&t=&c=5625127375&pre=1
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/8570/Colorado_Springs_Gazette/gazette-13877-300x250-activefill-desktop-pixel&sz=1x1&t=&c=5625127375&pre=1
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
0
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/
561 B
883 B
XHR
General
Full URL
https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1636914154129
Requested by
Host: fp-cdn.azureedge.net
URL: https://fp-cdn.azureedge.net/prod/cosprings/fp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56e66949544e26ca3478f96ca9293fc6126e147d30b543be8f29280ccdae8b7f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 14 Nov 2021 18:22:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fEaYsVB5qnbcKAspRwuHow9%2B93CeGZlTt1oDJE3k5DsKC5Ob6A2AeYgMX7N9kq2O%2B0vzInjDKlNsVI%2FBOF07p4DyyZdNywo8vYq6nGgeCQa%2B4LZE1qBsYQzCAjC%2FxsroIiY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ae2441799967562-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
www.facebook.com/tr/ Frame AA13
0
104 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://gazette.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://gazette.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
date
Sun, 14 Nov 2021 18:22:34 GMT
4261799581449164663
dfp.bouncex.net/pub/segment/3610/
2 B
174 B
XHR
General
Full URL
https://dfp.bouncex.net/pub/segment/3610/4261799581449164663
Requested by
Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/gazette.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
*/*
Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:33 GMT
via
1.1 google
server
istio-envoy
content-type
application/json
access-control-allow-origin
https://gazette.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
clear
content-length
2
creatives-base-styles.d63dbc50.min.css
assets.bounceexchange.com/tag/css/
37 KB
37 KB
Stylesheet
General
Full URL
https://assets.bounceexchange.com/tag/css/creatives-base-styles.d63dbc50.min.css
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_30fca4eff5e5278f89dbef8bce7b6234.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ad1e6142ee4942d81f5db672be8ecbe0a3252751e92ee31d1167426fcb3b3f9b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 20:19:11 GMT
age
1548203
x-guploader-uploadid
ADPycdtEEU-rpTqsmJHfdykMjYRbU1GOC-zbmdzSEnWJhAIhbcd6Krn4LvQbZ0ZW-jCCBG41zik6K9C0FxsilkcnYvQW5kM-4w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
37591
last-modified
Thu, 29 Apr 2021 19:42:40 GMT
server
UploadServer
etag
"b79200767ce874ab5c16c317f730a7c6"
x-goog-hash
crc32c=dfY1Tg==, md5=t5IAdnzodKtcFsMX9zCnxg==
x-goog-generation
1619725360267850
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
37591
accept-ranges
bytes
content-type
text/css
expires
Thu, 27 Oct 2022 20:19:11 GMT
visit
events.bouncex.net/track.gif/
42 B
105 B
Image
General
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLoATiYZdVU5AA5Gek0dAGUUADMUJBAneld3VQAyUAgYJAQ65D6kHC7wKGgKPh40U3QEWCRSHDTISFNhalbjGno6Hbo0FCIEVYRGeOz92kwEISu6mxAAWgQslDInsABPMEhXp7SKESCF4T0gBE+WFBDSiT3iXxsyBQqyBESeKEsSEgG12tEakBA8UsAH0bKo8nUXKpJC4nrxSihafRSnU8ujeNI4SVVHUOTZirwzissqRRj1oH0wARSLACQRMLocJJVMxmGLxpLpbKQPKvkqdGruuN4vBwVlgI0QCgbJYwDhKC5tNRZhhiZAvqZctR5NtqNR8YTLDRvdRQn7QIKCMSjTavT7gw1SIhgyFg2BYDYwPEmojiVkCLwMSm5L7qInk37U3705nsyBc-nC6Q8wRHiS6gQCH8kMXS+W4y4ACLqmAXAgREAIe2OhPASC95UePKSdSSVpV6gRhfc5er1qlNelFwuDcoAi91ih4OkUy94MrNY4ktXK6HY6nc6XTZ0G53b+0B5nled5SE+H4-iyAFURBMEIUQPgnhhBA4QRJEUUSdFMWxK4AyJBBSXJSlqVpelGSeZlWXZTl4m5XlJH5VRBUYYVSBTK8-RQDZvRLS8w03UxgAXDdeDvP0RMrdjqB7StnwkkM+PiOdtyXFc1zkDcIHE7jjCeSQNzQbNe3XSSsgvYSQC0+M-XUahiLyAoD3UdRlw0VQSjYvjSCUmTjEXclVOMhSUCyWYQDQTAuPjGc-WkZyXF2O9os3QSfN469vO0vzdzUh1Bw3WK8niqptIdJ1gBS7S0r9Lz5x8rKAvUod8uYOLmUSsqKp9KrqBq5T-L3Rq8qayTOufGcmqHDp4CRDBsGgGxMiEZAcHSTIcimxBUFmmBgGQCB5RwAoWEYYoygqdQNpmrAYAsZEOyQLIcBUfg-2YaRLq267oEFUB4hOD0p0FMAInBUwOhNX5smQaBASzeVdqxEEcDVDACGgC5YGwJAvguQUcBiBQOlR9GCExyBsdxhA5HxhQACUiYQNGMaxr5MGCqcAFVMCgEE2AcTA0H4LIGbRvo0B1TAcB8PIRfRqA9QCeV+EwWXTAIX4MUpnAAFEV1li5sB4a6te1jnZbFiW2ZyHBFb4eUOkbKc1QEWwegQCycA8d6jQJXglR3BqD2ZY8Oh+wl3b9my7IcldnOVYoSg6F0EFAW4PckDpEAAR1gLA-o9tUiUnbACRyDWQv9lS91XdQ5HB8JrpQUwQAR-bJcgdA67Dv6cF4JO5jdAGcFwyxM9JpAe5dmwOjmbAcGmpAgA
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:33 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
82
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/
42 B
176 B
Image
General
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NYIAXhPhAHQDGA9gLb0A7BCVoAzAEYwAtBF4gY6KYQCehXLKnYQnANYQAJlNzclEAYdEg9UzsvERUIfNp1SQ6B7hE0QqXDE4PAH1xADYATlEAdlCARiipfQAOEASAViTRcLd9WIAGG1DSUNFc8QAWUP0OPF50ADJQSFgERE5kNT4oXxgQcQ9CTGIogCFqKiaIINxlYAhxskoqKl9-QPnl6gBhcdhq7iDYQhh+japF8ct0QjPt8cJkcUJOVBOp3m59dwWKS-cbhZUHbLB5PF5vIIfL7oSHcSTBUTcbjqVA-JZUK4AzZRAAijXA0DgSB43B0cGOLEw5VIaXxzSJiBAAk42G4qEQiOQ5kQ+XK4SiaXKmFidMJrSZLLZHO4XP0PLyfIFSWF9ShEEweXq8AgTxg6hg+kwxXy9SOeoNwqKEVi5ViaVISTtSSiUXq1VgnAgFvKVDiUXC4QyNr5sVClSKopa8AtIpuAEdkGZPTH6oE4AJ8DBeBA1CBeMBLcVwja7bbKqn0OncCBgDAoA5jtwBJhq2BSG7CZ7MPpRdNZurVgEPPVCDLUF3teJ6gSM5gOg4gA
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:33 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
82
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sync
ssp.behave.com/
Redirect Chain
  • https://ssp.behave.com/push_sync
  • https://ssp.behave.com/ul_cb/push_sync
  • https://x.bidswitch.net/sync?ssp=bouncex
  • https://x.bidswitch.net/ul_cb/sync?ssp=bouncex
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbouncex%26bsw_param%3D418307b3-2efe-4ae7-aa7c-feaa2462db5...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=1e066191-53ea-4000-9f9b-18f43ac809c2&expires=30&ssp=bouncex&bsw_param=418307b3-2efe-4ae7-aa7c-feaa2462db53&gdpr=&gdpr_consent=
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=418307b3-2efe-4ae7-aa7c-feaa2462db53
43 B
372 B
Image
General
Full URL
https://ssp.behave.com/sync?tp_id=2&tp_uid=418307b3-2efe-4ae7-aa7c-feaa2462db53
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//ssp.behave.com/sync?tp_id=2&tp_uid=418307b3-2efe-4ae7-aa7c-feaa2462db53
Date
Sun, 14 Nov 2021 18:22:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cmp
events.bouncex.net/track.gif/
42 B
108 B
Image
General
Full URL
https://events.bouncex.net/track.gif/cmp?wklz=MYewdgzgpmAuBcsCWBbKBlWBDFAHAvAIwBsAzMQJyEAshArKQAzGEBkokMCAFlhAMLhocfGBABSAEyNgeVihAATKPkasA7lABGEJLChJF+coTUA3JLuRGS5KrQYAOeo4Dsr1sovADR6pJZXCgo6Z2pqKmJqYjJWXCwAcygLKHVDIlZoAEcAVxgfdMl2ABskLmQ0CGw8IjJKGnoHIuBSrixcJDMoACddcHxsBNJPZKQffEU4xKgAfVgAT1wVLG7kFqhMkBzu8c0tVmmRHOhuoA
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:34 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
86
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
cast_sender.js
www.gstatic.com/eureka/clank/95/ Frame 2044
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/95/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 14:31:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15249
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 23:31:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Mon, 15 Nov 2021 14:31:57 GMT
truncated
/ Frame 2151
287 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
10091498889470987024
tpc.googlesyndication.com/simgad/ Frame 2151
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrsduo9wEQgAgYgAgyCAQJsjsVqInY
  • https://tpc.googlesyndication.com/simgad/10091498889470987024
8 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10091498889470987024
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 08:18:15 GMT
x-content-type-options
nosniff
age
209059
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
8502
x-xss-protection
0
last-modified
Wed, 20 Mar 2019 13:48:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 12 Nov 2022 08:18:15 GMT

Redirect headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:00:39 GMT
x-content-type-options
nosniff
server
cafe
age
1315
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/10091498889470987024
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Tue, 14 Dec 2021 18:00:39 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2151
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CsJ9O6FORYYT6JPGB2fcPi4qUmAP9o5SKZq2S25ubDI-dgq3LBBABINue0BRgu76ug9AKoAGwuqHXA8gBCakCC5T3Zv4ysz7gAgCoAwHIA5sEqgTVAk_Q0om0JL4K-woZZWj2iSPC9fqUCr6CBkibLYPJM4W-NnTArlgrMmfksgPoXDD7N9AZOvfy8XYhhyIA4NaUh4QMUDjuMZ1oPtAdpsOAMwzmHwh9aSDyRiN_SZ7-KyskpqAgEncaJtpRUaAUJJbJHTFwrvUrDxCeixShk34HbT3GXi75j_qgDJFy65mWFwxBNunWvU0Fr4V_tD94C6aVaqmATg-5gEoXziCGDCGSizQfsPZfbfjmzd-n10GpUq1FjvzsahN9FLcItaD-FPhhNEy-Ym8DiaTDTyKbCGfLCTJJuncXZv4lWWcop6JtATtG4eo81E_HrwY289M98SFPoHa27KhuXwPYTTHiV2yVmpwO9YMIFTFVon8YzmRUVSb0-qdUBXkfvGJPYkyaqbwrI2Uz7_DyPW1eADGVxfanGVEY2GKud-xk-i07Bb1dW9_JsL0QVvpNwASO0I_XmgPgBAGSBQQIBBgBkgUECAUYBKAGLoAH5-HQYqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHAxDwLtIICQiI4YBwEAEYHYAKA8gLAdgTDIgUA9AVAYAXAbIXHgocCAASFHB1Yi00MzAwMDE4NzMyMjIyMzI3GKTREw&sigh=-Q8P3sNJ9RQ&uach_m=[UACH]&template_id=494
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgazette.com%2F&domain=gazette.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://gazette.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://gazette.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1699
date
Sun, 14 Nov 2021 18:22:33 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame BC3D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgazette.com%2F&domain=gazette.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=-GGadnx1bEcwSEpDMWFlWHF5RFlhVHNMa2ZiVGh2VlNlcEZaankzSHdrbW4wVGE3d2p5czJQam5Vbm5PZVRQUWp5WWUyZnRlajRvRlRjazRwaWV2WVlkMk1vckIyTWl3d2dWRlJRRVl2MHdRSTB4WTE4ekd4M3AvYmwzdm...
364 B
614 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=-GGadnx1bEcwSEpDMWFlWHF5RFlhVHNMa2ZiVGh2VlNlcEZaankzSHdrbW4wVGE3d2p5czJQam5Vbm5PZVRQUWp5WWUyZnRlajRvRlRjazRwaWV2WVlkMk1vckIyTWl3d2dWRlJRRVl2MHdRSTB4WTE4ekd4M3AvYmwzdmtRVW1HTXI4RDlpZmUwVmZFRUNXYWZYWmN3d0dIQ21oK1ZXYzBVSlRCMmgxODJyd3llQ3RDVGVCam1QaHIzTzFKM1RGVEJUMS9SOWZNd0NpSDI3RXpUNC9iNDJLQmxWTThoMHFKcWY1RmM2K2d0QXJ3QWlRPXw&cppv=2
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
44fb6b541d93927f474f9aa4bf3aef66fda5c42a3cede8c3fefc8ce99bc3199d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 14 Nov 2021 18:22:33 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2369
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 14 Nov 2021 18:22:33 GMT
location
https://mug.criteo.com/sid?cpp=-GGadnx1bEcwSEpDMWFlWHF5RFlhVHNMa2ZiVGh2VlNlcEZaankzSHdrbW4wVGE3d2p5czJQam5Vbm5PZVRQUWp5WWUyZnRlajRvRlRjazRwaWV2WVlkMk1vckIyTWl3d2dWRlJRRVl2MHdRSTB4WTE4ekd4M3AvYmwzdmtRVW1HTXI4RDlpZmUwVmZFRUNXYWZYWmN3d0dIQ21oK1ZXYzBVSlRCMmgxODJyd3llQ3RDVGVCam1QaHIzTzFKM1RGVEJUMS9SOWZNd0NpSDI3RXpUNC9iNDJLQmxWTThoMHFKcWY1RmM2K2d0QXJ3QWlRPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1790
content-length
482
expires
0
gpt.js
www.googletagservices.com/tag/js/ Frame BC3D
77 KB
26 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d02be652e42bb600ca993e13fd203bda9f8d2992624da6becb8108ef468e9966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1043 / 375 of 1000 / last-modified: 1636758328"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Nov 2021 18:22:34 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110191325/ Frame 12AD
178 KB
57 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110191325/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c62f164ad9b7f1e1097857876ba11f77f5e8a43e6aee7ca81c2b2ee223382809

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:34 GMT
Content-Encoding
gzip
Age
483
X-Cache
HIT
Connection
keep-alive
Content-Length
57888
x-amz-id-2
7vwo2M87hKadK17XxXedBiIbGZjBLbOgaYKb9o5CRwn5aHuMMIjx1xxe/qzBYl7OSgPHgCOEYpQ=
X-Served-By
cache-lcy19252-LCY
Last-Modified
Tue, 19 Oct 2021 17:27:23 GMT
Server
AmazonS3
X-Timer
S1636914154.216414,VS0,VE0
ETag
"04ec443a6790126cf7c421707000b257"
x-amz-request-id
KXSEY3ZQB2CDMGWE
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
609
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgazette.com%2F&domain=gazette.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://gazette.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://gazette.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1817
date
Sun, 14 Nov 2021 18:22:33 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 12AD
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgazette.com%2F&domain=gazette.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Qu1VKXxtcUYwK2p4KzN2ODdwYzQ2WW85eEFIMmRTN0JIcGZsdVB1VmJvWllIMkxvTmVTMHc4QS85MmlVcjlXZEc3WjZ2d0wvQUVUekRacUhrYjBNenpMNjRFOUFoS0ZRYWhPbVZZaUMvbFltVWpFZHU2dUZlSGtkUll2NF...
342 B
604 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=Qu1VKXxtcUYwK2p4KzN2ODdwYzQ2WW85eEFIMmRTN0JIcGZsdVB1VmJvWllIMkxvTmVTMHc4QS85MmlVcjlXZEc3WjZ2d0wvQUVUekRacUhrYjBNenpMNjRFOUFoS0ZRYWhPbVZZaUMvbFltVWpFZHU2dUZlSGtkUll2NFdMWThWRWNRbFZOVHdiQ25NSHh6bE5kSS9XQVlORldXZDNncUdwQVlJVEo5WWwrTUgyR3J5dElFaVpTQ1NZUy9CT3dBUUdRNmFSZHZyRXo0ekpDYXBuNzFDMDFlcDdBeUdsVU5qYTFzeDN3RzlHOEkxVXk4PXw&cppv=2
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7e882b0689f331388213cb62ea82911f0bf23cd49e623080d246e55fe4051d0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 14 Nov 2021 18:22:34 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2184
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 14 Nov 2021 18:22:33 GMT
location
https://mug.criteo.com/sid?cpp=Qu1VKXxtcUYwK2p4KzN2ODdwYzQ2WW85eEFIMmRTN0JIcGZsdVB1VmJvWllIMkxvTmVTMHc4QS85MmlVcjlXZEc3WjZ2d0wvQUVUekRacUhrYjBNenpMNjRFOUFoS0ZRYWhPbVZZaUMvbFltVWpFZHU2dUZlSGtkUll2NFdMWThWRWNRbFZOVHdiQ25NSHh6bE5kSS9XQVlORldXZDNncUdwQVlJVEo5WWwrTUgyR3J5dElFaVpTQ1NZUy9CT3dBUUdRNmFSZHZyRXo0ekpDYXBuNzFDMDFlcDdBeUdsVU5qYTFzeDN3RzlHOEkxVXk4PXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2114
content-length
482
expires
0
gpt.js
www.googletagservices.com/tag/js/ Frame 12AD
77 KB
26 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d02be652e42bb600ca993e13fd203bda9f8d2992624da6becb8108ef468e9966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1043 / 980 of 1000 / last-modified: 1636758328"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Nov 2021 18:22:34 GMT
truncated
/ Frame 2151
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
621af75f2379c4ead9f7b97aaae0d2450c6cb790dec88122c860ed1510a19a5c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110191325/ Frame BC3D
178 KB
57 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110191325/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NDWu2Xp1GnoaY0P5qy6y80dmR8/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c62f164ad9b7f1e1097857876ba11f77f5e8a43e6aee7ca81c2b2ee223382809

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:34 GMT
Content-Encoding
gzip
Age
483
X-Cache
HIT
Connection
keep-alive
Content-Length
57888
x-amz-id-2
7vwo2M87hKadK17XxXedBiIbGZjBLbOgaYKb9o5CRwn5aHuMMIjx1xxe/qzBYl7OSgPHgCOEYpQ=
X-Served-By
cache-lcy19252-LCY
Last-Modified
Tue, 19 Oct 2021 17:27:23 GMT
Server
AmazonS3
X-Timer
S1636914154.279939,VS0,VE0
ETag
"04ec443a6790126cf7c421707000b257"
x-amz-request-id
KXSEY3ZQB2CDMGWE
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
610
load.js
s.ntv.io/serve/
387 KB
113 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MWWFD9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
14de714d5b5b81cad661d0842adf384d656d54600672693161487bb327738eea

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:34 GMT
Content-Encoding
gzip
x-amz-request-id
CH9F3460EXVGV9KE
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
RVhNNRy/JPTOGTzi7GhJ877T1JxXm8f0G8mtD44T/GdNq1O4rq+yzU4uHEyIZrCGguxaR4+ZOy4=
Last-Modified
Wed, 10 Nov 2021 22:16:08 GMT
Server
AmazonS3
ETag
"8ee26b08433f01c219bc35b48c582345"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2151
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 08:58:25 GMT
x-content-type-options
nosniff
age
206649
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 08:58:25 GMT
pubads_impl_2021110901.js
securepubads.g.doubleclick.net/gpt/ Frame BC3D
344 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
118212
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:34:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Nov 2021 18:22:34 GMT
pubads_impl_2021110901.js
securepubads.g.doubleclick.net/gpt/ Frame 12AD
344 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
118212
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:34:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Nov 2021 18:22:34 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=-GGadnx1bEcwSEpDMWFlWHF5RFlhVHNMa2ZiVGh2VlNlcEZaankzSHdrbW4wVGE3d2p5czJQam5Vbm5PZVRQUWp5WWUyZnRlajRvRlRjazRwaWV2WVlkMk1vckIyTWl3d2dWRlJRRVl2MHdRSTB4WTE4ekd4M3AvYmwzdmtRVW1HTXI4RDlpZmUwVmZFRUNXYWZYWmN3d0dIQ21oK1ZXYzBVSlRCMmgxODJyd3llQ3RDVGVCam1QaHIzTzFKM1RGVEJUMS9SOWZNd0NpSDI3RXpUNC9iNDJLQmxWTThoMHFKcWY1RmM2K2d0QXJ3QWlRPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1077
date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=Qu1VKXxtcUYwK2p4KzN2ODdwYzQ2WW85eEFIMmRTN0JIcGZsdVB1VmJvWllIMkxvTmVTMHc4QS85MmlVcjlXZEc3WjZ2d0wvQUVUekRacUhrYjBNenpMNjRFOUFoS0ZRYWhPbVZZaUMvbFltVWpFZHU2dUZlSGtkUll2NFdMWThWRWNRbFZOVHdiQ25NSHh6bE5kSS9XQVlORldXZDNncUdwQVlJVEo5WWwrTUgyR3J5dElFaVpTQ1NZUy9CT3dBUUdRNmFSZHZyRXo0ekpDYXBuNzFDMDFlcDdBeUdsVU5qYTFzeDN3RzlHOEkxVXk4PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1325
date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/
140 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSKGD4T&l=MG2DL
Requested by
Host: g2insights-cdn.azureedge.net
URL: https://g2insights-cdn.azureedge.net/prod/cosprings/g2i.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
420eb953db5dd75200b4c63f8c2ecd659a352b6d712e0866da4c04255f0ad163
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
46913
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 14 Nov 2021 18:22:34 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/cosprings/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C34) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1653
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (mil/6C34)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
73b022a3-101e-0049-2f80-d9aa9e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Sun, 14 Nov 2021 18:52:34 GMT
index.js
d1wa9546y9kg0n.cloudfront.net/
6 KB
7 KB
Script
General
Full URL
https://d1wa9546y9kg0n.cloudfront.net/index.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/cosprings/t8y9347t.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-92.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 05:36:30 GMT
Via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc1.cloudfront.net (CloudFront)
Last-Modified
Tue, 23 Feb 2016 09:35:10 GMT
Server
AmazonS3
Age
45965
ETag
"cf67eb51479caf3b57c3577a08b6a038"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
6494
X-Amz-Cf-Id
be0RMGYyL0WDp36BJzMJA1dO7n7mVUXkPYa17qRm74NbUonwRjyHDg==
GAZETTE__GAZETTECONFIG.json
cdn.ayc0zsm69431gfebd.xyz/prod/data/cosprings/
143 KB
144 KB
Fetch
General
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/data/cosprings/GAZETTE__GAZETTECONFIG.json?_=1636914154684
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/cosprings/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9f1ced139faf5ce7c10afb8553cd70ecd8f5b3b4263a09befeb1808e1dadd916

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Sun, 14 Nov 2021 18:22:34 GMT
last-modified
Wed, 10 Nov 2021 09:04:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count
1
etag
0x8D9A4291302611F
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
aa3ade1d-f01e-0133-2984-d93907000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
cache-control
no-cache
x-ms-version
2009-09-19
content-length
146822
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/
631 B
1 KB
Image
General
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.48.212 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:36 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
CRZ7N4HF9EZDFJF0
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
egzgVoYNdcSCPFwuAkMOe+SVrnOxm7SjyMQ6rgSxV+J1PQOz8ZDJMQCJ/v25qpBBtSYDJu+HORw=
x-amz-meta-s3b-last-modified
20191015T134358Z
t
jadserve.postrelease.com/
2 KB
1 KB
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.67.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-67-232.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
ac52210e21e627095083a9b31c888bf64cf360d990d56be585ad359086c1d62e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
936
expires
Mon, 1 Jan 1990 12:00:00 GMT
600d3068-de7f-43cf-ace8-14271b462940.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/
13 KB
5 KB
Script
General
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/600d3068-de7f-43cf-ace8-14271b462940.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b590224ecb863f3231f09aaf7be829a05e738cf8c126271505957b78dbed7b8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
rmPmr3GF3xmZzr7KddKRxxwQrvUM7aLS
content-encoding
gzip
last-modified
Wed, 10 Nov 2021 19:43:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
W/"f8418128e49d979db17c392686ecb4f6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Sun, 14 Nov 2021 18:22:36 GMT
x-amz-cf-id
qpRmyieJxcPakC1Xjni8qfByXAQd2j9Fat8QgvCIWZx8cQdoAAgRew==
serve.js.php
trends.revcontent.com/
4 KB
1 KB
Script
General
Full URL
https://trends.revcontent.com/serve.js.php?w=112913&t=rc_14&c=1636914154776&width=1600&referer=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.164.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-164-0.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
732e758e2026782f50ffdeac97d87ccdf55b9603e741fd518afca9e50244dc8a
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://gazette.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
1249
mvo
tag.1rx.io/rmp/232822/0/ Frame 12AD
0
167 B
XHR
General
Full URL
https://tag.1rx.io/rmp/232822/0/mvo?z=1r&hbv=5.11,2.1
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gazette.com
pragma
no-cache
date
Sun, 14 Nov 2021 18:22:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
c
prebid.a-mo.net/a/ Frame 12AD
0
236 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
179
vary
origin, Accept-Encoding
cygnus
htlb.casalemedia.com/ Frame 12AD
36 B
328 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=632135&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2253d5f226a85763%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.11.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2262d92f6bbb26ed%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22632135%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000035%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
563f347707f5b6412e16bb68768d6986e88b35949d41b35d42b5f182a3800a15

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:35 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[194.36.110.165], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://gazette.com
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
27
expires
Sun, 14 Nov 2021 18:22:35 GMT
prebid-request
onetag-sys.com/ Frame 12AD
15 B
367 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://gazette.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 12AD
240 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=255496&zone_id=1977382&size_id=2&rp_schain=1.0,1!yieldlift.com,2000035,1,,,&eid_pubcid.org=771754d4-59d3-4a50-8ee2-68458d9f0cfe%5E1&rf=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tk_flint=pbjs_lite_v5.11.0&x_source.tid=49df95ce-086f-47b3-96a7-f1d17bb8ff69&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38990876519012363
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
cc7d102446e8552ebe43f75fd0c82d4a344f881fee628189788819ba3c9ab51b

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:35 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://gazette.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 12AD
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2bdb6a4438d141b0efc22cf06a5553cb3ed29bab5c086a2e11970e9d5ff52328
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:35 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
34d25bef-4e37-440a-8766-8082e363ce3a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gazette.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ Frame 12AD
95 B
730 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2214a63ab6c1ed7be%22%3A%221abbfe517546812e3043%7C728x90%7Cgpid%3D%2F8570%2FColorado_Springs_Gazette%2Fgazette-13875-728x90-activefill-desktop%22%7D&ref=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&s=572151f7-c6a9-47cc-addb-3198d219cbd1&pv=c31337df-8e21-41cb-b0da-28ab3900deaa&vp=mobile&lib_name=prebid&lib_v=5.11.0&us=10&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000035%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22771754d4-59d3-4a50-8ee2-68458d9f0cfe%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22771754d4-59d3-4a50-8ee2-68458d9f0cfe%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
95d9d2fa22f3870a20fdf38dd0c5bfec796fd4d2aeac90df70756a5686a3115a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:35 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://gazette.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
arj
os4m-d.openx.net/w/1.0/ Frame 12AD
173 B
356 B
XHR
General
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=49df95ce-086f-47b3-96a7-f1d17bb8ff69&nocache=1636914154809&pubcid=771754d4-59d3-4a50-8ee2-68458d9f0cfe&schain=1.0%2C1!yieldlift.com%2C2000035%2C1%2C%2C%2C&aus=728x90&divids=div-gpt-ad-7907150279912-0&aucs=&auid=543962957
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
49ec0963f84b45ba6637b3060577afa7094a7c8a6ded196e71fd0504dbba763c

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://gazette.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 12AD
94 B
740 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.11.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
57bd31e52e26b2440250b6e403352da126160c7ac65832b6045c10ceefa8c74b

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 14 Nov 2021 18:22:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://gazette.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
translator
hbopenbid.pubmatic.com/ Frame 12AD
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BC3D
241 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13702&site_id=255496&zone_id=1977430&size_id=15&rp_schain=1.0,1!yieldlift.com,2000035,1,,,&eid_pubcid.org=771754d4-59d3-4a50-8ee2-68458d9f0cfe%5E1&rf=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tk_flint=pbjs_lite_v5.11.0&x_source.tid=a35000bc-588e-48e6-9a6d-98236579563c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5701597087182622
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f6a29af0d6e731770a94e249b68bfaef2f10f0900fa373e1eb837cc621453587

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:35 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://gazette.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ Frame BC3D
94 B
725 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224168bb42320d7d%22%3A%224a4a265de90d2dd68460%7C300x250%7Cgpid%3D%2F8570%2FColorado_Springs_Gazette%2Fgazette-13877-300x250-activefill-desktop%22%7D&ref=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&s=9226b456-7d73-46cd-a2f7-184809f0b31c&pv=23a5985a-6d51-4bc0-9cb2-dc1cd5fa6039&vp=mobile&lib_name=prebid&lib_v=5.11.0&us=10&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000035%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22pubcid%22%3A%22771754d4-59d3-4a50-8ee2-68458d9f0cfe%22%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22771754d4-59d3-4a50-8ee2-68458d9f0cfe%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
5b492bcc760394392f80ae8e079819f5133b20b7c709fe9f556f5e5f7cf001f5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:34 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://gazette.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
119
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ Frame BC3D
0
375 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
77
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ Frame BC3D
142 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4d879dc49446960b0f81f9b6744a1d1cf6284c677763102a1ee6bb47f17963d1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:35 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
98457aff-a40b-47f8-860c-76631050705d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gazette.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
142
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ Frame BC3D
15 B
367 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://gazette.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ Frame BC3D
94 B
742 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.11.0
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
31df362a59f4df86981a82724e76d5be77f3e35d2bfc18ea4294b6dedd018d60

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 14 Nov 2021 18:22:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://gazette.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
cygnus
htlb.casalemedia.com/ Frame BC3D
37 B
329 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=632137&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22136a295c72741b6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.11.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22148c3cd38f7efa7%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22632137%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22yieldlift.com%22%2C%22sid%22%3A%222000035%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85b3296366e5bc195665f7562a8d64aff84b506141c42a6521d8006ab513f8f0

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:34 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[194.36.110.165], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://gazette.com
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
27
expires
Sun, 14 Nov 2021 18:22:34 GMT
mvo
tag.1rx.io/rmp/232824/0/ Frame BC3D
0
167 B
XHR
General
Full URL
https://tag.1rx.io/rmp/232824/0/mvo?z=1r&hbv=5.11,2.1
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gazette.com
pragma
no-cache
date
Sun, 14 Nov 2021 18:22:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
arj
os4m-d.openx.net/w/1.0/ Frame BC3D
173 B
589 B
XHR
General
Full URL
https://os4m-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a35000bc-588e-48e6-9a6d-98236579563c&nocache=1636914154838&pubcid=771754d4-59d3-4a50-8ee2-68458d9f0cfe&schain=1.0%2C1!yieldlift.com%2C2000035%2C1%2C%2C%2C&aus=300x250&divids=div-gpt-ad-9114946917775-0&aucs=&auid=543962959
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
fe0d5a922159b542d16dea44fc0dad888f220eb294354ae1cbbf3583c2115e6f

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:34 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://gazette.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame BC3D
0
113 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
collect
www.google-analytics.com/j/
2 B
67 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1650202400&t=pageview&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ul=en-us&de=UTF-8&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjACUABBAQCAG~&jid=441560321&gjid=1022298043&cid=136574573.1636914153&tid=UA-37551682-2&_gid=873651966.1636914153&_r=1&gtm=2wgba1MSKGD4T&cd1=1636914154847.65dnfapp&cd2=Not%20Set&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Not%20Set&cd8=Not%20Set&cd9=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=article&cd17=1636914154847.0.ylmwd2qnvd&cd18=Not%20Set&cd20=1.2.0.0&cd7=Not%20Set&cd19=Default&z=1281360067
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSKGD4T&l=MG2DL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1288
date
Sun, 14 Nov 2021 18:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
20006
expires
Sun, 14 Nov 2021 20:01:06 GMT
collect
www.google-analytics.com/
35 B
96 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1650202400&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ul=en-us&de=UTF-8&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MetaTagsCollected&el=Not%20Set&_u=aCjACUABBAQCAG~&jid=&gjid=&cid=136574573.1636914153&tid=UA-37551682-2&_gid=873651966.1636914153&gtm=2wgba1MSKGD4T&cd1=1636914154858.gfuxcdo8&cd2=26995d07a43c7e5c94d65d1c577b088a&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Not%20Set&cd8=Not%20Set&cd9=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=article&cd17=1636914154859.0.v8croy0zvha&cd18=Not%20Set&cd20=1.2.0.0&cd7=Not%20Set&cd19=Default&z=496132881
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 13:17:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18320
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
7 B
73 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-37551682-2&cid=136574573.1636914153&jid=441560321&gjid=1022298043&_gid=873651966.1636914153&_u=aCjACUABBAQCAG~&z=662459651
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 14 Nov 2021 18:22:34 GMT
content-type
text/plain
access-control-allow-origin
https://gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
serve.js.php
trends.revcontent.com/
100 KB
101 KB
XHR
General
Full URL
https://trends.revcontent.com/serve.js.php?w=112913&t=rc_14&c=1636914154776&width=1600&site_url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&referer=&skip_iab=true
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.164.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-164-0.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
96f8f0260bcfded056d7459208f020dd483e90346706913df4dce3f5aea925a2
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:35 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/javascript; charset=utf-8
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-37551682-2&cid=136574573.1636914153&jid=441560321&_u=aCjACUABBAQCAG~&z=1812284654
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
107 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-37551682-2&cid=136574573.1636914153&jid=441560321&_u=aCjACUABBAQCAG~&z=1812284654
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 09C3
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1lYLkrdLlc4B0sa1wM31xaXF0S_JRcq4jn_1DnaZPDt3Vf1o3Am-hWi3xsBQZO4CZArXMz7WI1BC8OOyaCOWP1DPRwESEzRhDVh73o-NcBcOft7tM&sig=Cg0ArKJSzOUDFJ3PHJe7EAE&id=lidar2&mcvt=1000&p=671,1180,921,1480&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2136645631&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636914153119&rpt=809&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7131
42 B
372 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYMQNvfsGR3WuKLBazqmtLZXzZ90fK5Kttcgk--zXu39wh1axc0qg16ConpRCo_i0rSLgKo3_xBduBgt7j2ZHyetI_Df8mYRNVXFXaX5x8ExVzLtyu&sig=Cg0ArKJSzDCsTUFNU3aeEAE&id=lidar2&mcvt=1001&p=269,436,359,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=839907893&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636914153109&rpt=796&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rev2.min.css
cdn.revcontent.com/build/css/
83 KB
23 KB
Stylesheet
General
Full URL
https://cdn.revcontent.com/build/css/rev2.min.css?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
last-modified
Wed, 10 Nov 2021 17:31:55 GMT
etag
"1636565515"
x-hw
1636914155.cds090.lo4.hn,1636914155.cds040.lo4.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=24899
accept-ranges
bytes
content-length
23124
rev2.min.js
cdn.revcontent.com/build/js/
280 KB
84 KB
Script
General
Full URL
https://cdn.revcontent.com/build/js/rev2.min.js?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
eded12927f58b27c9311a59faf78cff563208a205e1e179ac664b6d5ed32a10a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
last-modified
Wed, 10 Nov 2021 17:31:55 GMT
etag
"1636565515"
x-hw
1636914155.cds090.lo4.hn,1636914155.cds087.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=34529
accept-ranges
bytes
content-length
85555
score.min.js
js.ad-score.com/
310 KB
106 KB
Script
General
Full URL
https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
194d650ac7e135966c31cdf96e916fcf35cc135c8150f8c4020c79cdf50ecc38

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 17:41:08 GMT
Content-Encoding
gzip
Age
2487
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Sun, 14 Nov 2021 17:41:08 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
FRA6-C1
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
IAbY7mJ62LVBwm5XaRvLz8kJDMgn7yJ99hJ8JTfCDsMviIyKGhcSQw==
Expires
Mon, 15 Nov 2021 17:41:08 GMT
f6114e616082a86e34e2d807072fbb8e.jpeg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/
14 KB
15 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/f6114e616082a86e34e2d807072fbb8e.jpeg
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
65697cbb932999bc0c234f2ef0ce8c6c8c1be71224f15e90f6e0abda7dc59ad9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="f6114e616082a86e34e2d807072fbb8e.webp"
server-timing
fastly;dur=313;cpu=0;start=2021-10-28T04:17:12.032Z;desc=miss,rtt;dur=0,cloudinary;dur=232;start=2021-10-28T04:17:12.072Z,cld-id;desc=7e39bc6e48aaa61cb9eac2d72dec02bc
content-length
14416
x-request-id
7e39bc6e48aaa61cb9eac2d72dec02bc
last-modified
Thu, 28 Oct 2021 04:11:04 GMT
server
Cloudinary
etag
"f18a351da24b5078f9e0b1ce61a7b713"
vary
Accept
x-hw
1636914155.cds044.lo4.hn,1636914155.cds089.lo4.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
616ea0d0586696-24326514.png
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/
9 KB
9 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/616ea0d0586696-24326514.png
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
f18b319b294c1f8cbd9ad9feb6006ddb07303cff099a494d8df2ad70b7cb44c4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="616ea0d0586696-24326514.webp"
server-timing
fastly;dur=1;cpu=0;start=2021-10-22T17:06:57.562Z;desc=hit,rtt;dur=0
content-length
9138
last-modified
Tue, 19 Oct 2021 23:38:11 GMT
server
Cloudinary
etag
"a08f4a9b1b3fd99adf127ff705670cd9"
vary
Accept
x-hw
1636914155.cds044.lo4.hn,1636914155.cds240.lo4.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
dcb6ed5ef564e04024246f6b8e86107f.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/
15 KB
15 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/dcb6ed5ef564e04024246f6b8e86107f.jpg
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
7e09278550f1055f849e9cb23ab9437afc6fde1cb66afeca74406a478818622e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="dcb6ed5ef564e04024246f6b8e86107f.webp"
server-timing
fastly;dur=18;cpu=0;start=2021-04-18T17:24:28.170Z;desc=hit,rtt;dur=0
content-length
15320
last-modified
Tue, 06 Apr 2021 07:55:19 GMT
server
Cloudinary
etag
"d9364ebef51f6611839bb54454f23653"
vary
Accept
x-hw
1636914155.cds044.lo4.hn,1636914155.cds088.lo4.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
9c99ded08714b81e4f25f1747d6c964d.jpeg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/
5 KB
6 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/9c99ded08714b81e4f25f1747d6c964d.jpeg
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
6e9abae6b10c6b284fa91e5f2eda070db1f4e1de962bc41c9bd86181331f66e5
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="9c99ded08714b81e4f25f1747d6c964d.webp"
server-timing
fastly;dur=679;cpu=0;start=2021-10-31T11:03:45.821Z;desc=miss,rtt;dur=0,cloudinary;dur=599;start=2021-10-31T11:03:45.860Z,cld-id;desc=ece079916107bd5a5bf38af5edcbec19
content-length
5432
x-request-id
ece079916107bd5a5bf38af5edcbec19
last-modified
Sun, 31 Oct 2021 11:03:47 GMT
server
Cloudinary
etag
"71535784b59251c699125ab5d3b3789a"
vary
Accept
x-hw
1636914155.cds044.lo4.hn,1636914155.cds235.lo4.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
61089dcaebc649-38002611.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/
8 KB
8 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/61089dcaebc649-38002611.jpg
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
7317397fa8a64d5d5a47e9c24a46f6192a6488c7204483e06dcd5f50375b730f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="61089dcaebc649-38002611.webp"
server-timing
fastly;dur=148;cpu=1;start=2021-10-16T18:54:50.249Z;desc=miss,rtt;dur=0,cloudinary;dur=67;start=2021-10-16T18:54:50.292Z
content-length
7956
last-modified
Wed, 04 Aug 2021 04:34:47 GMT
server
Cloudinary
etag
"e6a0ecb8c30ae7c749a8cbfcc2f52aee"
vary
Accept
x-hw
1636914155.cds044.lo4.hn,1636914155.cds235.lo4.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
96f7bbcdef6dd06464304492d0d45492.png
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/
12 KB
12 KB
Image
General
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/96f7bbcdef6dd06464304492d0d45492.png
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
c9a4b75c4f0b70e8eaf48f2c3b9d409e835ae7fa631850e48cb36234aad474a3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="96f7bbcdef6dd06464304492d0d45492.webp"
server-timing
fastly;dur=2;cpu=1;start=2021-07-19T12:35:38.491Z;desc=hit,rtt;dur=0
content-length
12160
last-modified
Mon, 19 Jul 2021 12:33:59 GMT
server
Cloudinary
etag
"d7988cea3db6f17b761b524465902445"
vary
Accept
x-hw
1636914155.cds044.lo4.hn,1636914155.cds056.lo4.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
integrator.js
adservice.google.co.uk/adsid/ Frame BC3D
107 B
165 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=gazette.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BC3D
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gazette.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BC3D
27 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3161424398085197&correlator=3334951696614682&output=ldjh&impl=fifs&eid=31060978%2C31061029&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=8570%2CColorado_Springs_Gazette%2Cgazette-13877-300x250-activefill-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=rfsh%3D1%26rfshtime%3D14&eri=1&cookie=ID%3D6ea4fd15ebebab7a-220ba5baf9cc0050%3AT%3D1636914152%3AS%3DALNI_MbtfBF22IjkeSQz8a5Obro9l0wksQ&cdm=gazette.com&bc=31&abxe=1&lmt=1636914155&dt=1636914155216&dlt=1636914154033&idt=712&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1180&adys=671&adks=954955562&ucis=v05gqt5qtg4u&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&top=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=873651966.1636914153&ga_sid=1636914155&ga_hid=1113825311&ga_fc=true&fws=260&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
3e5172670a97cf452133f745390529427f6dea7a260b71cade101821159528aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
11558
x-xss-protection
0
google-lineitem-id
5071161039
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296802708
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gazette.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BC3D
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccc3fb047476fdfe9e328f924e94ac3e6fdff014e1712a276b8a0098c7b0a8e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
9203
x-xss-protection
0
container.html
cee2be2849ea8c10f29acaa7da8f27ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A3A2
6 KB
3 KB
Document
General
Full URL
https://cee2be2849ea8c10f29acaa7da8f27ae.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 14 Nov 2021 18:22:35 GMT
expires
Mon, 14 Nov 2022 18:22:35 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
clear
integrator.js
adservice.google.co.uk/adsid/ Frame 12AD
107 B
165 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=gazette.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 12AD
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gazette.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 12AD
27 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3071647180061879&correlator=3603402387022511&output=ldjh&impl=fifs&eid=31063206%2C21068031&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=8570%2CColorado_Springs_Gazette%2Cgazette-13875-728x90-activefill-desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=rfsh%3D1%26rfshtime%3D14&eri=1&cookie=ID%3D6ea4fd15ebebab7a-220ba5baf9cc0050%3AT%3D1636914152%3AS%3DALNI_MbtfBF22IjkeSQz8a5Obro9l0wksQ&cdm=gazette.com&bc=31&abxe=1&lmt=1636914155&dt=1636914155270&dlt=1636914153913&idt=843&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=269&adks=3718738988&ucis=4j8zpz6zqgs1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&top=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=873651966.1636914153&ga_sid=1636914155&ga_hid=253882960&ga_fc=true&fws=260&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
cc556e8e4d6a7fdbecfd3f69f1d34457c0ea497bc5f52b6710aa0fd52689eba6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
11545
x-xss-protection
0
google-lineitem-id
5071160298
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138296811092
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gazette.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 12AD
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdf51c9e803c4fe8d92731671b1bd0aef5b6b7756682119b08536f914d1cf38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
9186
x-xss-protection
0
container.html
a4e7620d7290626a2ec52428f94b4185.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7A5A
6 KB
3 KB
Document
General
Full URL
https://a4e7620d7290626a2ec52428f94b4185.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 14 Nov 2021 18:22:35 GMT
expires
Mon, 14 Nov 2022 18:22:35 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
clear
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BC3D
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
clear
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 14 Nov 2021 18:22:35 GMT
cors
data.ad-score.com/data/
50 B
714 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=SfbmfqiIUvcdEgltKxZBIBlkbtornQCd-FE7fPshldVrrKDgR03rCFkrH-E0zCOsRmalTkPg==&pm_ct=a559ba1c6eaee7953e624140&pm_pl=1636914155337&pm_td=11&pid=1000177&en=1.1&callback=__pm_glbl_0eShR03Fd9oB2Z4Rtr3o3BPR._gc1&tt=opt&v=bf28c17
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
b646391d51939e42d4ce97a485d4fc57f132e921db2bc60e6ebfb69955f954da

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:35 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://gazette.com
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
50
x.html
js.ad-score.com/ Frame 8D12
16 KB
8 KB
Document
General
Full URL
https://js.ad-score.com/x.html?pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000177&tt=opt
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fea09e4a9d33b00dc8fd1c86941b21949588a97b2f0d6331de0174e397e38850

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Last-Modified
Fri, 12 Nov 2021 11:52:45 GMT
Date
Sun, 14 Nov 2021 17:41:08 GMT
Cache-Control
public, max-age=86400
X-Cache
Hit from cloudfront
Via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
jDX7wbhfmNrgrA6P4Ys-hccoNTodcEzxVSHCCOMbwqO-n-3gaV1nCA==
Age
2487
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 12AD
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
clear
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 14 Nov 2021 18:22:35 GMT
cors
data.ad-score.com/data/
1 B
267 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=SfbmfqiIUvcdEgltKxZBIBlkbtornQCd-FE7fPshldVrrKDgR03rCFkrH-E0zCOsRmalTkPg==&pm_ct=a559ba1c6eaee7953e624140&pm_pl=1636914155337&pm_td=75&pid=1000177&en=1.1&callback=__pm_glbl_0eShR03Fd9oB2Z4Rtr3o3BPR._gc2&tt=opt&v=bf28c17
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://gazette.com
Date
Sun, 14 Nov 2021 18:22:35 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/
35 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/gif
imp.php
trends.revcontent.com/
0
193 B
XHR
General
Full URL
https://trends.revcontent.com/imp.php
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.164.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-164-0.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept
*/*
Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:35 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
0
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 2151
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstT1FjJoMLKvFx9SoCqCoR8AXjMVxlXv_ILgsj7QQmeKJDKeRah2VGQ5fzaX4P-t7pITPrcOuRiSOHiIQ2P6aTgrQrE6Gi_oqfx835qplxUN__OhqSk7g&sai=AMfl-YRZ1TA1IqQnkAxGVW3k_CVgY9B_mrFNH2wSgUBy8G96COMboua7qDRBOWyMOrsYq_AQUbRkxEQxKnj3cLIPLAdmJrQDZRjoPBf2CeBeWe_EvRMhMyx-G1TdfO4y4j4&sig=Cg0ArKJSzHs0D0kG2TflEAE&cid=CAASPeRoapM-DgxC43IMmpWhE9uswH6KLWR1bvtYC9H9HD8ovctTyvELsbg7UN293cI-84aN5st-qZ5enYWKbiQ&id=lidar2&mcvt=1117&p=1105,436,1195,1164&mtos=1117,1117,1117,1117,1117&tos=1117,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1911169261&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636914153245&rpt=1086&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
eb6dafd1-b3b5-4e2e-b529-ab439e7677f0.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/600d3068-de7f-43cf-ace8-14271b462940/
103 KB
22 KB
Script
General
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/600d3068-de7f-43cf-ace8-14271b462940/eb6dafd1-b3b5-4e2e-b529-ab439e7677f0.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:c800:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e6f9dc5ccb76df148d932e79a5c3103b84d3792b9c79da577af3992adfac54c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
P7IPqZgBnyH0p2lkcFBffc.2hiccGQQ_
content-encoding
gzip
last-modified
Fri, 12 Nov 2021 18:45:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
etag
W/"b8204cc1c24750582edb9048f7e7c48a"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Sun, 14 Nov 2021 18:22:36 GMT
x-amz-cf-id
C2VBUovKKLYtPB53uTnqNXjvVu0Dj2sCAY4zgnNmLWVdcX5pSVa2pQ==
/
geoip.instiengage.com/json/
235 B
418 B
XHR
General
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-232-96.compute-1.amazonaws.com
Software
/
Resource Hash
fcb8ca528bf131cf285667276d43051e094cd10550903ba872d186af9c08ce48

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:35 GMT
access-control-allow-credentials
true
x-database-date
Sat, 13 Nov 2021 22:47:09 GMT
content-length
235
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame C12F
73 B
430 B
Document
General
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b600:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

content-type
text/html
content-length
73
last-modified
Thu, 28 Oct 2021 14:58:38 GMT
x-amz-version-id
Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
accept-ranges
bytes
server
AmazonS3
date
Sat, 13 Nov 2021 20:26:43 GMT
etag
"d143b1e94cfb2dcb20bcad0f44fd1f0a"
x-cache
Hit from cloudfront
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
7XrIHyxnLo7gya4iNWVp6xJuzG2n2FYIhDbf0XxDUJaBSgL6WTVB-w==
age
78953
moatcontent.js
z.moatads.com/nativonielsen548znrb18/
167 KB
55 KB
Script
General
Full URL
https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=14911
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:04:05 GMT
server
AmazonS3
x-amz-request-id
541CA3CB462144FD
etag
"774acff2cee5852cdfc3fd8471cb2667"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=17269
accept-ranges
bytes
content-length
55696
x-amz-id-2
WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=
trk.gif
jadserve.postrelease.com/
43 B
427 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=5238427&ntv_pl=1111735
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.67.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-67-232.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:35 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/
43 B
427 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=1c2bd688-9793-432d-bc66-e8bbb37ce047&ntv_fl=CF4se3gYGjAPzQcMJoAeWR9Lu6JKsJfyGp312EA3JXs5Zz88HywxCpCmSNSBbx-iZ--PJRg4qTl2Hhr6qhQKs5JQpK-rcBORco-NxaDV8KMj7stBLqtmniqPrlraqnVVusgv14RrgIe6CMb7rWZgCRuced3EovLwIfiOmBOYWZlRTs7VMvTrun49LFLugleI5Tj36Yyz1Ljwz4hf8mXAlpQBj8jjPrGjc1gG0FIbLZREQuZpTlAEEDZ7qOb6jwwN-bUcvLzcU8f1b0UnIqE5IA==&ntv_ht=61ORYQA&ntv_at=303,302&ntv_a=AAAAAAAAAAt_YQA&ord=1636914155475&ntv_dpl=1028,1029,1034,1003,1005,1006,1007,1041,1011,1016,1050,1019,1052,101951&ntv_it
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.67.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-67-232.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:35 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/
43 B
427 B
Image
General
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1112243&ntv_gdpr_consent=&ntv_it
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.67.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-67-232.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:35 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 825B
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 14 Nov 2021 18:16:12 GMT
expires
Mon, 14 Nov 2022 18:16:12 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
383
alt-svc
clear
aframe
www.google.com/recaptcha/api2/ Frame CA5E
783 B
947 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
937b3f63461afad89019635cfe35969b1cfc31a3f2b2d4e5591edeffd8ca16b2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8UZYoXsgWyGMCAb3mPoP5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 14 Nov 2021 18:22:35 GMT
date
Sun, 14 Nov 2021 18:22:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-8UZYoXsgWyGMCAb3mPoP5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
clear
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 957B
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 14 Nov 2021 18:16:12 GMT
expires
Mon, 14 Nov 2022 18:16:12 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
383
alt-svc
clear
aframe
www.google.com/recaptcha/api2/ Frame DE2A
783 B
739 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3b30bfd38d2ed1a5f3aa6c1f15a0cb2cadeb2e5a2208373cd27760f3ef5c6800
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gJqSKYyK5JFrSEaFG7W+Jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 14 Nov 2021 18:22:35 GMT
date
Sun, 14 Nov 2021 18:22:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-gJqSKYyK5JFrSEaFG7W+Jw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
clear
view
securepubads.g.doubleclick.net/pcs/ Frame 40CC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfKSAzvSZnq5UXh_Dj4Dz9ylbJOxq7hfn_nLF7Y7qntb-53S_xAO9GQXJQ60IvtBBRzPctFTocSlCHEw8XkJdk7GPA_ZqNyNnt6Au4je6YbhT5Yj_4oetwegxU03dVR1lw_qB8gzYPi6nLyH1ayknnXADDHenPe-G6PmFoS1RvjLwO20eEnORnnpnjsXpdDicS8jdK1PNryVzG-9-xf52B4U8VcEvX_3m_7zQCg0vjtKkHwzdfbBJSUoyUA755WGvX2LoaU1T3y2mIxat9kb8lTDxX2Q36zC28NB7lxqVJ5X6L9ZslTIcAS1Cq97MNA_UK1sJmUBx6nhTHCzTGXZJaH0Bqz47M-zHAcS7JwGM_NCjHEso&sig=Cg0ArKJSzHhcsQ2vMTkUEAE&uach_m=[UACH]&adurl=
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 40CC
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Nov 2021 18:20:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 40CC
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Nov 2021 18:22:37 GMT
l
www.google.com/ads/measurement/ Frame 40CC
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRU4B5Jif4jIearwIsbEKLiSp6SbOWzhYBdxApwourUCmrrZqUG3vfSk9mBLLtNBE6zEwaC
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

3083443360271152484
tpc.googlesyndication.com/simgad/ Frame 40CC
17 KB
17 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3083443360271152484
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e299ebc7e9d8ba28f03e84211b2cfb5d292eb455c0bc310522934894a8adc3b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 00:23:18 GMT
x-content-type-options
nosniff
age
237557
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
16907
x-xss-protection
0
last-modified
Thu, 05 Dec 2019 18:43:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 12 Nov 2022 00:23:18 GMT
x.html
js.ad-score.com/ Frame 8D12
0
563 B
XHR
General
Full URL
https://js.ad-score.com/x.html?pid=1000177
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?pid=1000177
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:f400:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.ad-score.com/x.html?pid=1000177
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 17:41:08 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Fri, 12 Nov 2021 11:52:45 GMT
Age
2487
Access-Control-Allow-Methods
GET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
isJ27kIMMaiHkofG7qGPxH52h7kg8cqb7Kh0njCAy-CajwwOGC-mmw==
Via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc3.cloudfront.net (CloudFront)
view
securepubads.g.doubleclick.net/pcs/ Frame 6B8F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst01GNYalZQEnFmpwbK6sN1PCYHh3JPGx38REC778eBEKQqbcg0Rr80TGCeWOidyynxGnCXw17DoA05KfVD5prSmhpYKed5wCO5UOj4uAvHOaMNoRiut6otuSX84yq4ckf1KCnDHU1wCfqjGfpFS8Pr4Qw4OAyhgwRPPx3Vm8JY3OAaGfuGDk3_NSTpyfRcUPxsvVU2xCVucnEKAEUEX4Mp-JRvg9uaBtb9XQNsBRPuN34BxYllItMeSGkIdTEoXeJOu9hbGoehhHmnDdbOvN3tJPV22VTXP8EeD-FjLpDpeKdlaBdTHEMpbwHFlozKzKHInNsyBpSKcChE0Z7ziw7blKGIEJYEDLulySQc4AO7vhPL0DiL&sig=Cg0ArKJSzH2gid_XU332EAE&uach_m=[UACH]&adurl=
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 6B8F
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Nov 2021 18:20:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6B8F
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Nov 2021 18:22:37 GMT
l
www.google.com/ads/measurement/ Frame 6B8F
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgXwFl6Ni4U5ZlQj1gu-KjGe9PHBGgBg_cXpyikRg5WqdBlEKRVHqJGaY8XHppunoll4Zb
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

1889370822606769139
tpc.googlesyndication.com/simgad/ Frame 6B8F
165 KB
165 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1889370822606769139
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0f15e60acc92819e5dd9b498cb7b69f854b1c0220b44c9a18fea4ac0688f8cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 18:57:14 GMT
x-content-type-options
nosniff
age
257121
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
169234
x-xss-protection
0
last-modified
Thu, 05 Dec 2019 19:00:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 11 Nov 2022 18:57:14 GMT
cors
data.ad-score.com/data/
1 B
267 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=SfbmfqiIUvcdEgltKxZBIBlkbtornQCd-FE7fPshldVrrKDgR03rCFkrH-E0zCOsRmalTkPg==&pm_ct=a559ba1c6eaee7953e624140&pm_pl=1636914155337&pm_td=450&pid=1000177&en=1.1&callback=__pm_glbl_0eShR03Fd9oB2Z4Rtr3o3BPR._gc3&tt=opt&v=bf28c17
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://gazette.com
Date
Sun, 14 Nov 2021 18:22:35 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
log_event
www.youtube.com/youtubei/v1/ Frame 2044
28 B
342 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/8d287e4d/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/videoseries?list=PLpy0J4i9ZtSFMYoe9JG4iSlgPPcpAYaMy
X-YouTube-Client-Version
1.20211110.01.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs5U1RCYk1NNEVScyjnp8WMBg%3D%3D
X-YouTube-Ad-Signals
dt=1636914153146&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKraDROfygYc4WwXkXpMOyUMKJsXGeQV8hGVAdw67l6jaIC93DenCMbWovFKGC8JA5BPXPFkjNpZG0JhqlSJkDUJKODvJQ

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
31
x-xss-protection
0
expires
Sun, 14 Nov 2021 18:22:35 GMT
bundle.js
auth.instiengage.com/auth/ Frame C12F
76 KB
26 KB
Script
General
Full URL
https://auth.instiengage.com/auth/bundle.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b600:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
jkvVs5l1bdD4_CiNx2O8LCKAIlX14uq9
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 14:58:37 GMT
server
AmazonS3
age
78948
etag
W/"3f019eeba204464fe4c8dad30cf9150b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
date
Sat, 13 Nov 2021 20:26:50 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
6yKqQYaUee9dJPzpZxBREl_S1wXO32n__pjs0hQ-iSDLFegCNYN1bA==
14911
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/
0
280 B
Script
General
Full URL
https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/14911?t=20211014184
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
_as22wzOjkx4blIPQJKCujEUFyWPlRuq
last-modified
Sat, 09 Oct 2021 06:01:16 GMT
server
AmazonS3
x-amz-request-id
SKQP8SM75P8VPAF5
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
binary/octet-stream
date
Sun, 14 Nov 2021 18:22:35 GMT
accept-ranges
bytes
content-length
0
x-amz-id-2
rIL6xctqG6FIqPp3Gq1R2pPnqKElHNzWj7NN1aijXXxJuVY+zLliiCYFb9IwlQfeeQphYQKVr3o=
sodar
pagead2.googlesyndication.com/pagead/ Frame CA5E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110901&jk=3161424398085197&rc=
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame DE2A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110901&jk=3071647180061879&rc=
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 825B
35 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 16:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
5704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Nov 2022 16:47:31 GMT
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 957B
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 16:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
5704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Nov 2022 16:47:31 GMT
token
eua.instiengage.com/v1/auth/ Frame
0
0
Preflight
General
Full URL
https://eua.instiengage.com/v1/auth/token
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-232-96.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://auth.instiengage.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://auth.instiengage.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
token
eua.instiengage.com/v1/auth/ Frame C12F
864 B
1016 B
Fetch
General
Full URL
https://eua.instiengage.com/v1/auth/token
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-232-96.compute-1.amazonaws.com
Software
/
Resource Hash
76f77a5781177d56d56131ab4fd0c7215736d1b13d44d0a3247c0e6db42c0199

Request headers

Referer
https://auth.instiengage.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://auth.instiengage.com
date
Sun, 14 Nov 2021 18:22:36 GMT
access-control-allow-credentials
true
content-length
864
vary
Origin
content-type
application/json
/
geoip.insticator.com/json/
235 B
418 B
XHR
General
Full URL
https://geoip.insticator.com/json/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.85.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-85-106.compute-1.amazonaws.com
Software
/
Resource Hash
fcb8ca528bf131cf285667276d43051e094cd10550903ba872d186af9c08ce48

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:36 GMT
access-control-allow-credentials
true
x-database-date
Sat, 13 Nov 2021 22:47:09 GMT
content-length
235
vary
Origin
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame EC75
8 KB
3 KB
Document
General
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/600d3068-de7f-43cf-ace8-14271b462940/eb6dafd1-b3b5-4e2e-b529-ab439e7677f0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-233-191.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

date
Sun, 14 Nov 2021 18:22:36 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
e7cca963-ffeb-4e91-a752-c2a8788249ac
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/
194 KB
62 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/600d3068-de7f-43cf-ace8-14271b462940/eb6dafd1-b3b5-4e2e-b529-ab439e7677f0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4393b17628fe022ce8c6d21b408b064f8a33388a7450914c0e6e3bdaa682ffe6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
last-modified
Tue, 09 Nov 2021 20:20:19 GMT
server
Apache/2.2.15 (CentOS)
etag
"1121321-309a2-5d060d6975ec4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=58800
accept-ranges
bytes
content-type
text/javascript
content-length
62542
expires
Mon, 15 Nov 2021 10:42:35 GMT
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/
428 KB
65 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/600d3068-de7f-43cf-ace8-14271b462940/eb6dafd1-b3b5-4e2e-b529-ab439e7677f0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58b3d45695078aed2b5551b3740978ddcb9a4a770f769609ca011bcb684a3c08

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:35 GMT
Content-Encoding
gzip
Age
2813
X-Cache
HIT
Connection
keep-alive
Content-Length
65762
x-amz-id-2
FKdhe44dp+wQBI4nIxQ5cYgeLzdapnlU5XjmcQq0g0QRCUD+jM+RCejPD1fPHueL5zydd5J4PCU=
X-Served-By
cache-lcy19252-LCY
Last-Modified
Sun, 14 Nov 2021 17:30:40 GMT
Server
AmazonS3
X-Timer
S1636914156.912171,VS0,VE0
ETag
"d684830180452022cf556f486231a112"
x-amz-request-id
2XFMJDH0J67VMJRA
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
247
apstag.js
c.amazon-adsystem.com/aax2/ Frame 8B95
133 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
Z0IamK7Uj8Cug.ddab3Iex9UsiUM6RCO
content-encoding
gzip
etag
fc2e1be4d234471752ea2ebee7e63d1e
age
502
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0JEJ0FKXAFDQ7SEQRWN4
date
Sun, 14 Nov 2021 18:16:00 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
JLmFtnuig7gT1UJO61I7AN8J_MdtXInWW2Zq2oJryRLzLOHvXFo5-w==
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgazette.com%2F&domain=gazette.com&bundle=UnXmv19ROUpSU29uaDd0NldyOXMwaVV3dEVzSTV5T2ZDOCUyRkJwc3dBVVhKeHppeFZuVzVPa0NRaGVRQ3puZHE3R1V3T1ZwJTJGZSUyQlRJZnpDJTJGYkdXQVd3dkV2bDN1YllOOVNZRlRxU0xMbCUyQm5qTks1RUNsdjB4VG1PaUZvcFpRMk4lMkY5bGlKZA&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://gazette.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://gazette.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1923
date
Sun, 14 Nov 2021 18:22:35 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgazette.com%2F&domain=gazette.com&bundle=UnXmv19ROUpSU29uaDd0NldyOXMwaVV3dEVzSTV5T2ZDOCUyRkJwc3dBVVhKeHppeFZuVzVPa0NRaGVRQ3puZHE3R...
  • https://mug.criteo.com/sid?cpp=WiHAg3xXQ3AvNzRPMG50OGwwbTU0RnlRSU1wM0FOZDdRL3J5WVZpc2lBWmpRWVVSQWw3ODkvU0oydWFwOWdQVWdhUWl4QlJoRS9TdTAzK0RtU0NoalgzbkxZZE5hOW4wU1BHYkNmZG1pYTNvd2ltRXVNTjNtNXdSQWk1am...
347 B
605 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=WiHAg3xXQ3AvNzRPMG50OGwwbTU0RnlRSU1wM0FOZDdRL3J5WVZpc2lBWmpRWVVSQWw3ODkvU0oydWFwOWdQVWdhUWl4QlJoRS9TdTAzK0RtU0NoalgzbkxZZE5hOW4wU1BHYkNmZG1pYTNvd2ltRXVNTjNtNXdSQWk1amx3SlJzcHBMV2tDWW5aRjNlWFBsZ0laL2ZxSEJJdUc2RjNnSGVrMFBEN1VpUDZWYWsrK0Jibzd2WmNaa29aQnB0azF6cVVBaFp3UTE3aHZiQkFiNDZ5RjIyUUVZM201aUt2RjkzNXI1cE51aklpZllXeXI4bE9LWitKYXNVUXlaWlo0VGlOSGFHfA&cppv=2
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
85facb678e0418a35efdfa3d73f0383b6c6d5dbe7d6bdd3abae93dbcd378a479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 14 Nov 2021 18:22:35 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2946
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 14 Nov 2021 18:22:35 GMT
location
https://mug.criteo.com/sid?cpp=WiHAg3xXQ3AvNzRPMG50OGwwbTU0RnlRSU1wM0FOZDdRL3J5WVZpc2lBWmpRWVVSQWw3ODkvU0oydWFwOWdQVWdhUWl4QlJoRS9TdTAzK0RtU0NoalgzbkxZZE5hOW4wU1BHYkNmZG1pYTNvd2ltRXVNTjNtNXdSQWk1amx3SlJzcHBMV2tDWW5aRjNlWFBsZ0laL2ZxSEJJdUc2RjNnSGVrMFBEN1VpUDZWYWsrK0Jibzd2WmNaa29aQnB0azF6cVVBaFp3UTE3aHZiQkFiNDZ5RjIyUUVZM201aUt2RjkzNXI1cE51aklpZllXeXI4bE9LWitKYXNVUXlaWlo0VGlOSGFHfA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1936
content-length
509
expires
0
600d3068-de7f-43cf-ace8-14271b462940.js
df80k0z3fi8zg.cloudfront.net/files/instibid/
313 KB
97 KB
Script
General
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/600d3068-de7f-43cf-ace8-14271b462940/eb6dafd1-b3b5-4e2e-b529-ab439e7677f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ee00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aeced48dc2e40dc5b9355363965ebc7dcd1cc7a9f32df40593bd61d6f9cf5d21

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
8hmiPEp9jV5nYdaPeGGrehTTOyu89050
content-encoding
gzip
last-modified
Sat, 30 Oct 2021 00:15:36 GMT
server
AmazonS3
age
56978
etag
W/"7f21c8132fa57afc126519c7487c08d4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
date
Sun, 14 Nov 2021 02:32:59 GMT
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
nTthIx9_Lz6LECa7p41-tvgSuO4a1bpHtNqPnUNJWJM6IWhlSGH9eQ==
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110191325/
178 KB
57 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110191325/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c62f164ad9b7f1e1097857876ba11f77f5e8a43e6aee7ca81c2b2ee223382809

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:36 GMT
Content-Encoding
gzip
Age
485
X-Cache
HIT
Connection
keep-alive
Content-Length
57888
x-amz-id-2
7vwo2M87hKadK17XxXedBiIbGZjBLbOgaYKb9o5CRwn5aHuMMIjx1xxe/qzBYl7OSgPHgCOEYpQ=
X-Served-By
cache-lcy19252-LCY
Last-Modified
Tue, 19 Oct 2021 17:27:23 GMT
Server
AmazonS3
X-Timer
S1636914156.005232,VS0,VE0
ETag
"04ec443a6790126cf7c421707000b257"
x-amz-request-id
KXSEY3ZQB2CDMGWE
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
613
config
c.amazon-adsystem.com/cdn/prod/ Frame 8B95
2 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
0b0b0b673e9dd54874d4a47f1348fdcc93a172fddf681e78dd44bfd86e4f8d79

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:35 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://gazette.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1553
x-amz-cf-id
PNpOfdyXc-SJtBCzwy_X2q-kVjs5zt55mGw5gRenjl2W6-YnZbXa_w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 8B95
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
40280
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
date
Sun, 14 Nov 2021 07:11:17 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
Grs__tSWAj1TsEWWRR9uRQVF_PmksCihdbwwRTGdAXDpHtWGQcuMdQ==
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=WiHAg3xXQ3AvNzRPMG50OGwwbTU0RnlRSU1wM0FOZDdRL3J5WVZpc2lBWmpRWVVSQWw3ODkvU0oydWFwOWdQVWdhUWl4QlJoRS9TdTAzK0RtU0NoalgzbkxZZE5hOW4wU1BHYkNmZG1pYTNvd2ltRXVNTjNtNXdSQWk1amx3SlJzcHBMV2tDWW5aRjNlWFBsZ0laL2ZxSEJJdUc2RjNnSGVrMFBEN1VpUDZWYWsrK0Jibzd2WmNaa29aQnB0azF6cVVBaFp3UTE3aHZiQkFiNDZ5RjIyUUVZM201aUt2RjkzNXI1cE51aklpZllXeXI4bE9LWitKYXNVUXlaWlo0VGlOSGFHfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1016
date
Sun, 14 Nov 2021 18:22:36 GMT
content-encoding
gzip
vary
Accept-Encoding
insticator
insticator.technoratimedia.com/openrtb/bids/ Frame
0
0
Preflight
General
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_4.43.4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://gazette.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 14 Nov 2021 18:22:36 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://gazette.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
414220269
age
0
via
1.1 varnish
header
hb.aralego.com/
0
173 B
XHR
General
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-34B4E6B23993EA8B0868433A2E96894&tdid=&schain=1.0%2C1!insticator.com%2C4b4d600c-49e2-43d5-a96c-62706d8acc9b%2C1%2C%2C%2C&eids=&criteoId=BjNVQ18lMkZUWEIzOVAwcWg3cCUyRk10Q3BwelBFaEl2dHB0VXcyN0JNSVpMWmNBJTJCQmVKV3pwRmFWZjlmRmlWUGRiZWtXWSUyRlIwJTJGc2M0NDV4dWViSlZvRVd5dCUyQmVhdyUzRCUzRA&pubcid=771754d4-59d3-4a50-8ee2-68458d9f0cfe&host=gazette.com&u=https%3A%2F%2Fgazette.com&xr=0&ucfUid=85bec603-156a-4daf-9706-bcfeedf8f7df&w=320&h=100
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://gazette.com
Date
Sun, 14 Nov 2021 18:22:36 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/
0
173 B
XHR
General
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-34B4E6B23993EA8B0868433A2E96894&tdid=&schain=1.0%2C1!insticator.com%2C4b4d600c-49e2-43d5-a96c-62706d8acc9b%2C1%2C%2C%2C&eids=&criteoId=BjNVQ18lMkZUWEIzOVAwcWg3cCUyRk10Q3BwelBFaEl2dHB0VXcyN0JNSVpMWmNBJTJCQmVKV3pwRmFWZjlmRmlWUGRiZWtXWSUyRlIwJTJGc2M0NDV4dWViSlZvRVd5dCUyQmVhdyUzRCUzRA&pubcid=771754d4-59d3-4a50-8ee2-68458d9f0cfe&host=gazette.com&u=https%3A%2F%2Fgazette.com&xr=0&ucfUid=85bec603-156a-4daf-9706-bcfeedf8f7df&w=320&h=100
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://gazette.com
Date
Sun, 14 Nov 2021 18:22:36 GMT
Access-Control-Allow-Credentials
true
Connection
close
mvo
tag.1rx.io/rmp/213651/0/
0
167 B
XHR
General
Full URL
https://tag.1rx.io/rmp/213651/0/mvo?z=1r&hbv=4.43.4,2.1
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gazette.com
pragma
no-cache
date
Sun, 14 Nov 2021 18:22:36 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
ib.adnxs.com/ut/v3/
246 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
1d131016b71d2cfe833921f5f0ff1db2341b3657cad364bab5772c2505b670e3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:36 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
329fde63-277c-4a74-8af2-82398ffa4c8e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gazette.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
246
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
insticator-d.openx.net/w/1.0/
172 B
361 B
XHR
General
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f8259f61-30df-42dc-b148-17a581d61720%2C7cf0b3a0-0366-426b-932d-b263740ef006&nocache=1636914156213&criteoid=BjNVQ18lMkZUWEIzOVAwcWg3cCUyRk10Q3BwelBFaEl2dHB0VXcyN0JNSVpMWmNBJTJCQmVKV3pwRmFWZjlmRmlWUGRiZWtXWSUyRlIwJTJGc2M0NDV4dWViSlZvRVd5dCUyQmVhdyUzRCUzRA&pubcid=771754d4-59d3-4a50-8ee2-68458d9f0cfe&schain=1.0%2C1!insticator.com%2C4b4d600c-49e2-43d5-a96c-62706d8acc9b%2C1%2C%2C%2C&aus=336x280%2C300x250%2C320x50%7C336x280%2C300x250%2C320x50&divids=div-insticator-ad-1%2Cdiv-insticator-ad-2&aucs=%2C&auid=540837134%2C540837134
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4a99f50ed67bc5af9fbbc1bd38f5f4f995a365e383cb955c3821a9e96c0df775

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:36 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://gazette.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/
0
281 B
XHR
General
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 Nov 2021 18:22:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://gazette.com
access-control-allow-credentials
true
cf-ray
6ae24424cc197785-LHR
access-control-allow-headers
Content-Type, Origin
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/
300 B
482 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:12::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
66bcce3d7fa7797fa463a86a5e6cd457ed4dfc30a6d221ba15e2b8d53a85ef21

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:36 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://gazette.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
300
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
349 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=156526&zone_id=746530%3B1792694&size_id=15&alt_size_ids=16%2C43&rp_schain=1.0,1!insticator.com,4b4d600c-49e2-43d5-a96c-62706d8acc9b,1,,,&eid_criteo.com=BjNVQ18lMkZUWEIzOVAwcWg3cCUyRk10Q3BwelBFaEl2dHB0VXcyN0JNSVpMWmNBJTJCQmVKV3pwRmFWZjlmRmlWUGRiZWtXWSUyRlIwJTJGc2M0NDV4dWViSlZvRVd5dCUyQmVhdyUzRCUzRA%5E1&eid_pubcid.org=771754d4-59d3-4a50-8ee2-68458d9f0cfe%5E1&rf=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tk_flint=pbjs_lite_v4.43.4&x_source.tid=5590df6e-36b8-41b8-8302-518b474cd4e3%3Beb4959c6-b717-497b-ad3b-ae18341dee42&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.8741025929581618
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
fe8f568eb5ceba970cb086c049ad619018fbc24e40662202f94e9534551fc185

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:36 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://gazette.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
349
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/
0
57 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/
66 B
295 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=bAj30SovOr6R8YaKlId8sQ
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
35c83394ab0ce794102bcb7df6d0c9521530774937fcae822f0844ec8759bae4

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 Nov 2021 18:22:36 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gazette.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/
66 B
158 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=bDGk30ovOr6R8YaKlId8sQ
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
6dccc4b11c45fd4541d1ab7b379de4078e270b2ff0ed6010063222f8cedc82a8

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 Nov 2021 18:22:36 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gazette.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
insticator
insticator.technoratimedia.com/openrtb/bids/
0
291 B
XHR
General
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_4.43.4
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 14 Nov 2021 18:22:36 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
856133052
access-control-allow-origin
https://gazette.com
access-control-allow-credentials
true
/
hb.emxdgt.com/
0
156 B
XHR
General
Full URL
https://hb.emxdgt.com/?t=3000&ts=1636914156226&src=pbjs
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
imp
g2.gumgum.com/hbid/
2 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=62093&pi=3&bf=336x280%2C300x250&schain=1.0%2C1!insticator.com%2C4b4d600c-49e2-43d5-a96c-62706d8acc9b%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.4%22%7D&ogu=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ns=9933
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7483922bc2813e8b4dc52f32bd2e2023dae9e75707ff6935dc1ea0831e674abd

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:36 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://gazette.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/
2 KB
2 KB
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?si=62094&pi=3&bf=336x280%2C300x250&schain=1.0%2C1!insticator.com%2C4b4d600c-49e2-43d5-a96c-62706d8acc9b%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.4%22%7D&ogu=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ns=9933
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0aa2ea8fd365d9a536a95b4dd5aedd224691d0104b78365d1f0d8a386c63ad28

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:36 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://gazette.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
bid
ap.lijit.com/rtb/
94 B
742 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
400c744a051fe9b1e71e702dfa19403b9a6f897d0bba5a50af20111ccc355601

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 14 Nov 2021 18:22:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://gazette.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/
14 KB
7 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
342cc88a7e72ea0f0089af7a7a00e1de04f47a0f859beabd32ee8ae123d1b1a6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 14 Nov 2021 18:22:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
79817763-983f-462b-83bb-4360b3daf328
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://gazette.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
249 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
543bb245302ba84d5289d93ada70cd83d8c77bfbd3b7569497efd5463849d43a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:36 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
76b786ed-fc33-4f38-be19-4cb63c0d1613
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gazette.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
249
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/
116 B
663 B
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22472d1387d3482f8%22%3A%22eeb388762677c11d6c36%7C320x100%2C336x280%2C300x250%2C320x50%22%2C%2248dc448875ecd3a%22%3A%22bf19d84c9fa62a58a838%7C320x100%2C336x280%2C300x250%2C320x50%22%7D&ref=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&s=af553279-10c2-4b80-b7d7-14aaf8ff51bb&pv=4b13b532-eb9c-4c45-b2bb-19a27e538e32&vp=desktop&lib_name=prebid&lib_v=4.43.4&us=50&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224b4d600c-49e2-43d5-a96c-62706d8acc9b%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22criteoId%22%3A%22BjNVQ18lMkZUWEIzOVAwcWg3cCUyRk10Q3BwelBFaEl2dHB0VXcyN0JNSVpMWmNBJTJCQmVKV3pwRmFWZjlmRmlWUGRiZWtXWSUyRlIwJTJGc2M0NDV4dWViSlZvRVd5dCUyQmVhdyUzRCUzRA%22%2C%22pubcid%22%3A%22771754d4-59d3-4a50-8ee2-68458d9f0cfe%22%7D&eids=%5B%7B%22source%22%3A%22criteo.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22BjNVQ18lMkZUWEIzOVAwcWg3cCUyRk10Q3BwelBFaEl2dHB0VXcyN0JNSVpMWmNBJTJCQmVKV3pwRmFWZjlmRmlWUGRiZWtXWSUyRlIwJTJGc2M0NDV4dWViSlZvRVd5dCUyQmVhdyUzRCUzRA%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22771754d4-59d3-4a50-8ee2-68458d9f0cfe%22%2C%22atype%22%3A1%7D%5D%7D%5D&coppa=0
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
b6ef605074e55956ec21db15a50240d255e1abcead99824e9565983269dd76b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:36 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://gazette.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
141
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/
37 B
329 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=315939&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2249a010d6a28f433%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%22criteoId%22%2C%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%224b4d600c-49e2-43d5-a96c-62706d8acc9b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2250f24c871c31cf9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22315939%22%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2251df5b451a0e7b6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22315939%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22525e6d48e6f538b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22315939%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22534adb9997dba9c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22315939%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2254c13f4c82efd2b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22315940%22%2C%22sid%22%3A%22320x100%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2255fdbc35e2b5bb1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22315940%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225654a0d2d0476b9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22315940%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225743b02bd55930f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22315940%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ab548cd5f174050cbfed4797da2cd82c78638e3559fc46b9377a0cf6e7875a25

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:36 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[194.36.110.165], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://gazette.com
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
27
expires
Sun, 14 Nov 2021 18:22:36 GMT
c
prebid.a-mo.net/a/
0
141 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:35 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
182
vary
origin, Accept-Encoding
bid
c.amazon-adsystem.com/e/dtb/ Frame 8B95
64 B
531 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&pid=6ae5QytC8cnIo&cb=0&ws=0x0&v=7.70.0&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fgazette.com_Web_300x250_1%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27794161%2Fgazette.com_Web_300x250_2%22%7D%5D&schain=1.0%2C1!insticator.com%2C4b4d600c-49e2-43d5-a96c-62706d8acc9b%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:36 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-amz-rid
J84WDPC23TDV8NBRZ6K0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://gazette.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
NLy7dQZsK6PUOKOpulG-NJ3tUBQlnccO0CbyFXLYdf1VgsgNT6bTBQ==
ats.js
ats.rlcdn.com/ Frame 8B95
185 KB
61 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-70.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
sCfIJpeEYSsr1Erp9JPQ5XALijjlTltt
content-encoding
gzip
etag
W/"a8f24de78b4dc3ecbbff83b08aa9e411"
age
49309
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6a2bb6c4-0bf5-4773-8a36-cefcec4742e6
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
014263e4dda4020061af64b081a8e627
last-modified
Fri, 05 Nov 2021 09:22:31 GMT
server
AmazonS3
date
Sun, 14 Nov 2021 04:46:06 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
4ad1795a3ae6c6b7b8c516c7d218d3ef7f69c9d8f4459e5652ddcd4b5ef110bd
via
1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
t1WmIfhIH_BgavI3JTfS90vQAKerAXoUsfutyPcGvOHpZyhel2uE1g==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 8B95
53 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-219-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:36 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Sun, 14 Nov 2021 18:37:36 GMT
config.js
confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/ Frame 8B95
61 KB
15 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fd343a374995be4803476be66583d56870037607e1d3978443bf5c1fe6bdbf3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:36 GMT
Content-Encoding
gzip
Age
2820
X-Cache
HIT
Connection
keep-alive
Content-Length
14817
x-amz-id-2
aHsgfePrPx3zuELfyyeTv48SjbayW/oVk7+kI/pENlmW0cm49NlkkekfHhMFpPzn+G/69OnniJM=
X-Served-By
cache-lcy19252-LCY
Last-Modified
Sun, 14 Nov 2021 17:35:31 GMT
Server
AmazonS3
X-Timer
S1636914156.280368,VS0,VE0
ETag
"e9a398db0be43a64eeab381d4b6f5f1c"
x-amz-request-id
Q5Q4MYS7B6JDC340
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
139
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 8B95
35 KB
10 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
date
Sun, 14 Nov 2021 17:56:59 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
rbx1
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10053
x-request-id
681019059
944.json
id5-sync.com/g/v2/ Frame BC3D
213 B
529 B
XHR
General
Full URL
https://id5-sync.com/g/v2/944.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.47 , France, ASN16276 (OVH, FR),
Reverse DNS
p02.id5-sync.com
Software
/
Resource Hash
65d4e970bca5c3d79e13e53087083a66f5a4a148ec2e096da7180fe1f13d606c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://gazette.com
Date
Sun, 14 Nov 2021 18:22:26 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame BC3D
44 B
325 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 Nov 2021 18:22:36 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://gazette.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
rid
match.adsrvr.org/track/ Frame BC3D
109 B
541 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=71nw1m8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
15eb73d068360da6c34cffcb4cffd9c61576388f90b3a0ab0520a3e4093e3846

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 Nov 2021 18:22:36 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gazette.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 14 Dec 2021 18:22:36 GMT
944.json
id5-sync.com/g/v2/ Frame 12AD
213 B
529 B
XHR
General
Full URL
https://id5-sync.com/g/v2/944.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.47 , France, ASN16276 (OVH, FR),
Reverse DNS
p02.id5-sync.com
Software
/
Resource Hash
a09657c72e35c2f034a0b4bd5350925e7fb5da961daa065ab434beb5fe31f1cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://gazette.com
Date
Sun, 14 Nov 2021 18:22:26 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ Frame 12AD
109 B
540 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=71nw1m8&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157898/3581/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
c05af36093a358ba227c2d49e0dc5ea5c666e42d131fefb042460461428863d9

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 Nov 2021 18:22:36 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gazette.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 14 Dec 2021 18:22:36 GMT
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110191325/ Frame 8B95
178 KB
57 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110191325/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c62f164ad9b7f1e1097857876ba11f77f5e8a43e6aee7ca81c2b2ee223382809

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:36 GMT
Content-Encoding
gzip
Age
485
X-Cache
HIT
Connection
keep-alive
Content-Length
57888
x-amz-id-2
7vwo2M87hKadK17XxXedBiIbGZjBLbOgaYKb9o5CRwn5aHuMMIjx1xxe/qzBYl7OSgPHgCOEYpQ=
X-Served-By
cache-lcy19252-LCY
Last-Modified
Tue, 19 Oct 2021 17:27:23 GMT
Server
AmazonS3
X-Timer
S1636914156.331994,VS0,VE0
ETag
"04ec443a6790126cf7c421707000b257"
x-amz-request-id
KXSEY3ZQB2CDMGWE
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
615
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC3D
0
119 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110901&jk=3161424398085197&bg=!QEOlQwfNAAZQLpa_UC47ACkAdvg8WrAXNqatLDAMA0Ce1e1h2ZKVDNwsQ_YWiE1VAUqAO1X3P-cqRQIAAAFNUgAAABJoAQcKADVrnYYC-jUtCFKwYqMwzbrMg2F8cN6zQSG9fblxG3C0kNuglPjJ6XM6fBYQr48X01WQOiw5UpkC3Ni4GU9gAw6jQv2BSTFIhCvuaaTRgDVssKyZCoN7cIawq384vUBcZjm3tAM1Ey2-GE_CEUwVOGtOr7SnndfRoUb8VvXyUrCeIyil6M0eQWErNOudMaVqwf5uOOQmkL-97lYYlV1mxHw3ZgK5I8ZWv0aOREUNyr-jlSbyB0lVzlSQ3u_MYVH_R5phFd0KiZgIyWF52B2BAhaAwlaz4wM0uFGytFtx1smxLYM4DK3uK8jTf82rGFbe-F7TrTJO6R0EOjIwRdH0BEyIWH6pgJxcr48hgpqEts8avccLpvjmX3JdlZVjhxPGys5NSKr2UkKTeNsSCpyqGtK-asJMPzWPSNODTPcusoruHcoAP0Uagmk4ubWIrvKmX5C8M9V5eZ-TXvG-xf7-knYVWVPiOGqeRqzWTZg7RG2SIVu5ST7bGvyKNJyzlwuXROzfwFDg08jYlugn5mDKCb8ksy76iZxgjxnsqQkHUPqP3HP9u3bQw4m0iVIknPimFBTHaYnl_DcViJO3vkZE1hOinvO83UHJ4YifkhkFDQe9KN3nEMHH_m-Fh1wfgsU3d9Oi9VC8JxnHDU1dQKjQ-dlNr0WctdmMmClysveYR5xqkxU3xKl-vANlP7LWpMUXg11DgFISQ5f-hTNTD3kqkFqpX15CpP_7o-p0FoDu-vCPvCNMvqMt1JFFeZl2dnV6DZdfBnpNS_OGKSbe2VQEaAmtMl0UBsrUfIhY_Ac5tS3RYGsXMY6zE5GaqmNnAsDXT3zIo5PNeCKK4rc1vJ3wp8uKsGo72e2Dm7UtjMf4LR8c0fJAi08Y1d3CB9gz7HVtCRmut-77fXGivVoMsleQOzTLwBREFNywi_VmhdRr4TMCATPPzkKVM-WEIai4Ibl4QMGCwyEtEtO14nJ-0mcSmSy-_Te-Vwy3Qw-f7Yeo_S8t1011HqnLjEPjwKIqYvROVa9TFZJTjiwqa9mi84KKvV9LIn4HxQ
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 12AD
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110901&jk=3071647180061879&bg=!Pj2lPXnNAAZQLpa_UC47ACkAdvg8Wgbof92s06LTbDXE4glnNBqwGO9XVDpBANacXHJasbUJIgESMAIAAAElUgAAAA1oAQcKAIO0oYiq6LGLbR4QQP4ewTEpeqz4867qgK55mYJduRub1J3ScVjUUWruQtebi_G_dXgVb8KWDdOv-eeWQ4Yn1B2ed7uHnAFFNrq1wf2KDMANr49xy6oK6MjkEISLtYbNS9utYk7OCoXmx8rjVWCPyMKkvkS7I4pn16FB-wy4UC9aWivKVpkC1KOr6kjXOiybunBVwvVG6ePAJKFyLOumUrDW273a_ZHApY-DgMmcYrD2sjnNKd-i7wt5qW_lo-o9WvkFQZL85M_3lXMuSM2G0vgci5qAkjb890gmP9_XySGGGOwypVKW-kVtMOKedFUKPvUUdYj40V0e7Ao9V9fceOX1R86YbTn6q1rP7x9vW_mbwzBF8dnEjTO4RS05R3UWeINlbyqSimnQYMBWI-8tWOsjOmcTVI3hepm-u6AB4mFZvXcnHJMKCfb2Q4rBEL6DwFOFybK6G2vfdytU42vyJqpw0Adf8rj-jKs-bP_1kPUfNGxyDV15-E5Hsr0IarEnILvaEdnwotT8cgfavJwq6OAV2tpNhcHMEVmQ0D30MvbDsq-pGC-r6KU0_6UcCCS9DXJGdcaas6k0soN9bNOl3J-7Zs90-UenLCcDbx3KMdcsJxS5obhQNvcpVXpPIbNZ50SzgT__JPZAfGLfTlRIVipgumSk5A3VWLv5d82TR_TUd0kwscV3Kp0sx0Xh-8fu67-5um3ourXk77GZetO6_6xAWMdvjAI10nYQ3Y1ssaHeMv8wP9FjepbFA1k5_irAO0VvKLeO5YjQ9dQJ64oYdsxni9mXXhf0H-Sg5UIALMVRh9KE6VoC_pmlku3-H4hrSdYrefR_QrXPK2qXuCxZUWet1uTn-UtY6Sc__D7fzaIEN8St7Ng1dnEVDMC6MVlc--fD9DmRLiRe_EHjI6TQzRb3Yn_COKkQazEY8rj1hH6j92jgnJBcLGmGHirvNl8ODbHVQODqzoMRKnrRGNzvbecxgQVBibJom75TkwunFIZrBQjbF9eMRt3bdPLw7Dflqpw2pf-HvFvflobFvDZcJ1YxA2V4DPI6oqBrTNvCQ90qmXofxAdum9sROrEHDb12HNTY2m55iSO8BRiavLMEWw6NyOCpc81BIFb4rO2URXmDZp_Ee1f5ZsECK5s
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
080a4d92-3b88-41e6-93e3-54900f8f5e52.js
product.instiengage.com/ceu-code/ Frame 9F4E
358 KB
84 KB
Script
General
Full URL
https://product.instiengage.com/ceu-code/080a4d92-3b88-41e6-93e3-54900f8f5e52.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b600:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de66de9e18ea8276935617fbd036ae789de4ab2301e43bfd5f082bedcad4c115

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
v5UTOzNcFuP9iIRwlmBLQp6OZL0Jfq0x
content-encoding
gzip
last-modified
Tue, 12 Oct 2021 23:14:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"bba58a48316c2b5db87ec46aba13ba20"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Sun, 14 Nov 2021 18:22:36 GMT
x-amz-cf-id
a6ZM6Dy0NR98EL5vFHgyE5TRVDO4_ecvMO5jNXfnr3wTIe9hX5YcAQ==
369.json
id5-sync.com/g/v2/ Frame 8B95
212 B
528 B
XHR
General
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.47 , France, ASN16276 (OVH, FR),
Reverse DNS
p02.id5-sync.com
Software
/
Resource Hash
84814a48af078e0dfe6fe32f65eaea88063c97e417f1dad9efc6b9389044dad1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://gazette.com
Date
Sun, 14 Nov 2021 18:22:26 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
/
geo.privacymanager.io/ Frame 8B95
31 B
597 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-96.fra53.r.cloudfront.net
Software
/
Resource Hash
8a78cef0b7848d146a9983a7ec0e37c321eef8a01d5847caa7483e5ecb86be04

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 03:15:40 GMT
via
1.1 920a6dce56a0ee957dbaa3bf4429f8ff.cloudfront.net (CloudFront), 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
age
54416
x-amzn-requestid
6ae426d6-3c86-47ab-9579-27a0d4f9fc81
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61907f5c-0d90aff565aede8e3cf3f343;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA53-C1
x-amz-apigw-id
IxjWdGcXjoEFT8A=
content-length
31
x-amz-cf-id
54qhHYL8CwEYsOWGIq3EIJcbxqezwE_Uymf6GfXMwZOm_OCyw38tcQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
event
event.instiengage.com/v1/ Frame
0
0
Preflight
General
Full URL
https://event.instiengage.com/v1/event?event_name=event_embed-loaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-232-96.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://gazette.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 14 Nov 2021 18:22:36 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://gazette.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
css
fonts.googleapis.com/ Frame 9F4E
4 KB
603 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
468bd6764eff264452e2cd22f06d3ccb569941caceff828cd1bc0374a4774eff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 17:15:44 GMT
server
ESF
date
Sun, 14 Nov 2021 18:22:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Nov 2021 18:22:36 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ Frame 9F4E
50 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11312075
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
KAWEF1Y8S17D9X2G
x-amz-id-2
8A8PS1bVfmGFcK9wNjjntrVOjA+JmJ+cWEkJuzGu/FmjkXEuCzj0t+uuRf4sbkSy9izBNTLJchw=
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLr%2B6PxOHrRr6II6oayQMfbe%2FF1yV21exhI7UzEesgUXCw58QtgJ8yIk4ZIY03SY9chtUuZJRson1QAEegWibwdZAGQZpKT8lj1%2BKJUd4aTkWXo1hkCkEOQrcStMcjL6fY%2FUNMGjmSWeAqv9hn1Ms7%2FB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
6ae24428289559c5-MXP
collect
www.google-analytics.com/j/
4 B
71 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1650202400&t=pageview&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&dp=%2F600d3068-de7f-43cf-ace8-14271b462940&ul=en-us&de=UTF-8&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjACUABBAQCAG~&jid=1945962770&gjid=373588346&cid=136574573.1636914153&tid=UA-123718506-11&_gid=873651966.1636914153&_r=1&_slc=1&z=1030247319
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geoip.instiengage.com/json/ Frame 9F4E
235 B
417 B
XHR
General
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/080a4d92-3b88-41e6-93e3-54900f8f5e52.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-232-96.compute-1.amazonaws.com
Software
/
Resource Hash
fcb8ca528bf131cf285667276d43051e094cd10550903ba872d186af9c08ce48

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:36 GMT
access-control-allow-credentials
true
x-database-date
Sat, 13 Nov 2021 22:46:53 GMT
content-length
235
vary
Origin
content-type
application/json
event
event.instiengage.com/v1/ Frame 9F4E
0
117 B
XHR
General
Full URL
https://event.instiengage.com/v1/event?event_name=event_embed-loaded
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/080a4d92-3b88-41e6-93e3-54900f8f5e52.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-232-96.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:36 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame 9F4E
2 KB
2 KB
Image
General
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:aa00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
w7gtQSz9AStQdiIs3IcLPUYoKdf9yCiw
via
1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
60968
etag
"b5cc01468ea9b242e6354798d28874df"
x-cache
Hit from cloudfront
content-type
image/png
date
Sun, 14 Nov 2021 01:26:29 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
2129
x-amz-cf-id
7RVIXdZsa9RzaFSvHadmJVBm_YE17XqiZ1wnSGXhSx7YUSzmF1YdNw==
icon-check.png
static.instiengage.com/files/images/embed4.0/app/ Frame 9F4E
649 B
1008 B
Image
General
Full URL
https://static.instiengage.com/files/images/embed4.0/app/icon-check.png
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:aa00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
LAzj2T9To4nJbbC7ZHWfpQpTuFxrgcvY
via
1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
43162
etag
"b673377b664a0b33454c267d911fcfc1"
x-cache
Hit from cloudfront
content-type
image/png
date
Sun, 14 Nov 2021 06:23:16 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
649
x-amz-cf-id
4KZXsVM3P7bI4KTA8jLRkUNrn4B-ykPp_YQZMtTh_9yDLyfN8YV29g==
graphic-ooc-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame 9F4E
5 KB
5 KB
Image
General
Full URL
https://static.instiengage.com/files/images/embed4.0/app/graphic-ooc-opt.png
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:aa00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
695ce10188e5306fcbf679b7cc125b6eac681d124a85a5908bbd8d0079a47e9a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
eOMnJSzBI81wb4OK.n4S.oHVD4IqRrSP
via
1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:05 GMT
server
AmazonS3
age
44879
etag
"3b5c1361f893cc23b07c2f3cc48cee32"
x-cache
Hit from cloudfront
content-type
image/png
date
Sun, 14 Nov 2021 05:54:42 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
4833
x-amz-cf-id
BhcqeBIpqs7B8SBsgM3fNk6FGOqPyYTO5fCqMgZ8JebVxooVZigR-A==
collect
stats.g.doubleclick.net/j/
7 B
73 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-123718506-11&cid=136574573.1636914153&jid=1945962770&gjid=373588346&_gid=873651966.1636914153&_u=aCjACUABBAQCAG~&z=1805328411
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 14 Nov 2021 18:22:36 GMT
content-type
text/plain
access-control-allow-origin
https://gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123718506-11&cid=136574573.1636914153&jid=1945962770&_u=aCjACUABBAQCAG~&z=1422655825
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
107 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-123718506-11&cid=136574573.1636914153&jid=1945962770&_u=aCjACUABBAQCAG~&z=1422655825
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usertracking
b2c.instiengage.com/v3/pages/ Frame 0649
8 KB
3 KB
Document
General
Full URL
https://b2c.instiengage.com/v3/pages/usertracking
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/080a4d92-3b88-41e6-93e3-54900f8f5e52.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.73.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-73-66.compute-1.amazonaws.com
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

date
Sun, 14 Nov 2021 18:22:36 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
14c5b8d0-cd20-42c0-9292-92e75b0b5299
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
event
event.insticator.com/v1/
0
117 B
XHR
General
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.85.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-85-106.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:37 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame
0
0
Preflight
General
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.85.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-85-106.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type
Origin
https://gazette.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 14 Nov 2021 18:22:36 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://gazette.com
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
pixel.gif
dh014lg6uwepv.cloudfront.net/
35 B
356 B
Image
General
Full URL
https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1636914156926&site_uuid=600d3068-de7f-43cf-ace8-14271b462940&hostname=gazette.com&ad_unit=gazette.com_Web_300x250_1&impression_type=undefined&device=desktop&country_code=GB
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:aa00:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
via
1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
RefreshHit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
Sb89mJ9zmGNowhjzARNvmb5Se79iU8KnTxBZOotvcJmAULta9ZGA1w==
pixel.gif
dh014lg6uwepv.cloudfront.net/
35 B
352 B
Image
General
Full URL
https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1636914156928&site_uuid=600d3068-de7f-43cf-ace8-14271b462940&hostname=gazette.com&ad_unit=gazette.com_Web_300x250_2&impression_type=undefined&device=desktop&country_code=GB
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:aa00:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
via
1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
last-modified
Tue, 10 Sep 2019 16:08:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
mPZXuhcx5PwQ4MmunGjGZeWTAWhP0a5ASyYYxpyiFG6iGPclGm9KGQ==
integrator.js
adservice.google.co.uk/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=gazette.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gazette.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111001.js?31063705
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
79 KB
24 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1609428905649824&correlator=3243935154795772&output=ldjh&impl=fifs&eid=31063705%2C31063711%2C44754276%2C44742767%2C44753990&vrg=2021111001&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=27794161%2Cgazette.com_Web_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C250x250%7C336x280%7C300x250%7C320x50&prev_scp=h%3D18%26shb%3D1%26tg%3D0%26iba%3D0%26iaid%3Dnofill%26ib%3Dnofill%26p%3DBTF%26at%3D1%26hostname%3Dgazette.com%26consent%3D0%26Exclude_Adx%3DN%26it%3Dil&eri=1&cust_params=browser%3DChrome%26k%3Dnews%252Cus-world%252Cwex%26page%3Dasset%252Carticle%252Capp-editorial&cookie=ID%3D6ea4fd15ebebab7a%3AT%3D1636914152%3AS%3DALNI_MYrccD-gyyzye5wUUIY3Zar5v0_sg&bc=31&abxe=1&lmt=1636906561&dt=1636914156938&dlt=1636914151134&idt=1312&frm=20&biw=1600&bih=1200&oid=2&adxs=1180&adys=3161&adks=1980065498&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x672&msz=336x-1&ga_vid=136574573.1636914153&ga_sid=1636914153&ga_hid=1650202400&ga_fc=true&ga_cid=873651966.1636914153&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
acacf0075d11c042c8a3220123bd748d0a34a00ddfb3fb46e337e213670c97f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
24613
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gazette.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
18 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1609428905649824&correlator=4286506523896445&output=ldjh&impl=fifs&eid=31063705%2C31063711%2C44754276%2C44742767%2C44753990&vrg=2021111001&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=27794161%2Cgazette.com_Web_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C250x250%7C336x280%7C300x250%7C320x50&prev_scp=h%3D18%26shb%3D1%26tg%3D0%26ics%3D300x250%26iba%3D00006%26iaid%3D627c0bfc5c34b58%26ib%3Dappnexus%26p%3DBTF%26at%3D1%26hostname%3Dgazette.com%26consent%3D0%26Exclude_Adx%3DN%26it%3Dil&eri=1&cust_params=browser%3DChrome%26k%3Dnews%252Cus-world%252Cwex%26page%3Dasset%252Carticle%252Capp-editorial&cookie=ID%3D6ea4fd15ebebab7a%3AT%3D1636914152%3AS%3DALNI_MYrccD-gyyzye5wUUIY3Zar5v0_sg&bc=31&abxe=1&lmt=1636906561&dt=1636914156942&dlt=1636914151134&idt=1312&frm=20&biw=1600&bih=1200&oid=2&adxs=1162&adys=3471&adks=45150134&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x672&msz=336x-1&ga_vid=136574573.1636914153&ga_sid=1636914153&ga_hid=1650202400&ga_fc=true&ga_cid=873651966.1636914153&fws=4&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
aeaed5e400bb01adc7eaa5c9f93d884f0f413b7b81d9e4f3363347d36ea1bf4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
8205
x-xss-protection
0
google-lineitem-id
5262195839
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138299530502
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gazette.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
trk.gif
jadserve.postrelease.com/
43 B
427 B
Image
General
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=386,387,388,389&ntv_r1=3860&ntv_r2=3860&ntv_r3=3860&ntv_r4=4885&ntv_pl=1111735&ntv_it
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.67.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-67-232.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:37 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 40CC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstroOtmsctnBdJg1125rZNvu56CWuzGYvJYrhbZTY1JvfQRVN-7cemhzLwCHLORdKn-IWYmWPPH_LlO_HyfRAXv1J3gCgPOmEVZPwhN5kw8JpZYtJNw36p_auGOqKplol1_DICu1lQhIsVcDIKq4wb_x4wbMMmHpO4eRG4Fk-kNBMFXHYcRDPkYsTqWZSm7LAWVVerVDjISTSADjUtGr6uEhPjv6U_8nsPye1SJoepHtSSjC6BHD6Dom1DGtvu4uFAokhgclpazhoXrxI52UmHk9LkfhWdF-KCxuHCfOG6Xltc_Sqe7_-nV39F_YKdUbLvTOQCiENOVkSyC-hDI98dXLG6abkfJixo390m_4QvCV3YD3BTzVw&sig=Cg0ArKJSzKsVQ2FtQYlTEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 14 Nov 2021 18:22:37 GMT
truncated
/ Frame 40CC
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
482ebc986336ac12208d752885273b000f8a123e8f93b112c10a11b10d80a979

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6B8F
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYBd01P5wy5C6kfORIvdEmI2j40vRviyA9htwdk4kRmVYDMYsV3Dec3Ytl_0Zf4UroitBfeydBMitd3tjN0kfUqBBd8972uCuAI8dBKInnIEDwo6h1H_iKRvztxChBDZlfyCT424R1TDAVbtHaNGnncg9QGjPoc6bNgjEz-gfqj_LLCqavp05UKzOL320mUAZewI2vU5-Oe1A3oBFdcx-W0hUT3tGvgBHJqQr2lFKXaS4ZClvIVVzKWRlK1nA_rGs8F7cRdT7kEBGj5fTKc4D1IWzPoVc6ScOo48HN0FRdszrisbQvvAYjljlNs_5Pmb45PfR-dGtkLOJXzS-TgrkGjDce3KBilclQ2tz40hGC_pvsq8N5gbg&sig=Cg0ArKJSzImJpIa4JPJjEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 14 Nov 2021 18:22:37 GMT
truncated
/ Frame 6B8F
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bab2b0aef8b999697d656c04edc70b35cc21ee169d73cebf66b8989515988f65

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
contents
cms.instiengage.com/v3/ Frame 9F4E
18 KB
18 KB
XHR
General
Full URL
https://cms.instiengage.com/v3/contents?embed_uuid=080a4d92-3b88-41e6-93e3-54900f8f5e52&cookie_id=87a2d55a-2695-7132-579d-6eef9ed37d44&content_order=RANDOM&for_embed=true&content_count=20
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/080a4d92-3b88-41e6-93e3-54900f8f5e52.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-232-96.compute-1.amazonaws.com
Software
/
Resource Hash
75b79222f37e93e1e3ca9a73d5a7a49ca318f302b34605bafeb3e3e425442f81

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:37 GMT
access-control-allow-credentials
true
content-length
17985
vary
Origin
content-type
application/json
logo-insticator-light-opt.png
static.instiengage.com/files/images/embed4.0/app/ Frame 9F4E
2 KB
2 KB
Image
General
Full URL
https://static.instiengage.com/files/images/embed4.0/app/logo-insticator-light-opt.png
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:aa00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b943ac9eb37bac5937d3fdec8a4295e7e330f8c1ff4b481fb2810d3ae4bca8dd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
w7gtQSz9AStQdiIs3IcLPUYoKdf9yCiw
via
1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 18:59:06 GMT
server
AmazonS3
age
60969
etag
"b5cc01468ea9b242e6354798d28874df"
x-cache
Hit from cloudfront
content-type
image/png
date
Sun, 14 Nov 2021 01:26:29 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
2129
x-amz-cf-id
mCmje8oQh4Y_8EhPibxMAE1GktP2KWinOn-Pxcgy_xJZ3sOg2N_mlQ==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame 9F4E
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:58:54 GMT
x-content-type-options
nosniff
age
343423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
48480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 10 Nov 2022 18:58:54 GMT
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame 9F4E
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:58:54 GMT
x-content-type-options
nosniff
age
343423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
48480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 10 Nov 2022 18:58:54 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ Frame 9F4E
72 KB
73 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:37 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1714775
cf-ray
6ae2442d1fba0f52-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73852
x-amz-id-2
kf7vyC1GRtLDo6eEb0VTyP/H35l7FYNohxg3YzE9jwGr9FtKYRu+sAnj3ZvARsKWZ0/xFHHhi3k=
last-modified
Wed, 30 Jun 2021 15:43:51 GMT
server
cloudflare
etag
"fb493903265cad425ccdf8e04fc2de61"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuvWaD4A6rf%2FkKZzH%2Fv1nvtZ%2Fw44BTIrW%2B5%2Bm3Sg0h9x1dfXvMsGbEcauCd7WYopb6EZMKOil%2BdSW6CBpDU2g1z1a1QnI8%2B9tQdbozIeYeU7qK1uafZBzUL4BELhlOocSGUa5tBBzRUWNwcpYZ4RlaWq"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
TETTFTJMJNGWNAEC
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
js.php
us.ads.justpremium.com/adserve/
20 KB
6 KB
Script
General
Full URL
https://us.ads.justpremium.com/adserve/js.php?zone=116363
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MWWFD9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.78.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-78-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a4945a0332a8ee8b4a580b7c91bf544f1f7dab64eb8bc0e01b3b0ccc62215bef

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:37 GMT
content-encoding
gzip
cache-control
public, no-cache, no-store, must-revalidate
content-type
text/javascript; charset=utf-8
view
securepubads.g.doubleclick.net/pcs/ Frame 3A68
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvP0pHYpRMbIpiJXoJ1tmaRdHgZSWvGy7DpQLuTgYIeSHc-vxLy5KeXWQ0uw-cSTC9sQT7cfHUypsVsZhpNsx4GjNK8keV69autYJuJw3aV2ZiWg1kXTUvbTAxaxb9XnJAfhQ9ZP-v3DeGwIAJB7HuF3mx02pbSlH1QTEfERT7eJD6q1Hw7TSRJI4dAkJh8_9X_zPb_OjPlPK8FnghKEiX9LV_GrADcrrLN5gKYLDWOBSvqOY7LriCXKeKzHENOHd-aHxONIo1RBMXzrpJiVkRU5hJ6l-CUXZLLGhssdAx1j1MzTxBTTvJLtPfbN4v6HgKqo-A&sig=Cg0ArKJSzHWn1VPvTz22EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
dcmads.js
www.googletagservices.com/dcm/ Frame 3A68
9 KB
5 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8e38c6c85b0384447b0174b6e16c72c56acbd084c40db40abedf89036f080c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 17:37:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
4451
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 15:55:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 14 Nov 2021 18:37:00 GMT
pixel.js
live.rezync.com/ Frame 3A68
21 B
660 B
Script
General
Full URL
https://live.rezync.com/pixel.js?c=c24209e04e63e72e9f8a87fb2c5aae5c&cid=7056585800145824787&referrer=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-79.fra56.r.cloudfront.net
Software
lighttpd/1.4.33 /
Resource Hash
683c33c0cff53a5ef4a3e32079531a47f2a484af352d445dbcda36e6af932a15

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:37 GMT
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
server
lighttpd/1.4.33
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
21
x-amz-cf-id
hfHaRo4MspOF_TctSOUhXgbh_HHXkVl7ostdTGFXKGPuHCQaDql9lg==
trk.js
cdn.adnxs.com/v/s/221/ Frame 3A68
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/221/trk.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5beecaeceee4fae5080c40d2ad96dd7c0b7e5a9bc242fbe2b99ab1276aaaae94

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Nov 2021 09:57:21 GMT
Server
AkamaiNetStorage
ETag
"f0105ab6d7d1878d827eb99659d44d8f:1635847041.806544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29240
Expires
Mon, 14 Nov 2022 18:22:37 GMT
it
fra1-ib.adnxs.com/ Frame 3A68
0
805 B
Image
General
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fgazette.com%252Fnews%252Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%252Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&e=wqT_3QLbDPD9WwYAAAMA1gAFAQjsp8WMBhDvupiCssyL204Yk9iHxt3sgfdhKjYJCXQT1ZyptT8RNix4o64xrz8ZAAAA4HoUFEAhsT8_QoMDsD8pyy2thsQ9tj8xAAAAYGZm1j8wzYuMCDjvHED1QUgCUJCs5ZkBWJbbd2AAaN-PUXiG2QWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClQF1ZignYScsIDQ5ODYyOTIsIDE2MzY5MTQxNTYpO3VmKCdpJywgNjUwMDUyNCwgMTYzNjkxNDE1Nik7dWYoJ2cnLCAxNjI0MTUxMCxCOwAsYycsIDUxMDE0MzkwRjwAMHInLCAzMjI1MjQ2ODg2HwDwtpIC8QQhYlhtMnhnajIxYWtZRUpDczVaa0JHQUFnbHR0M01BQTRBRUFBU1BWQlVNMkxqQWhZQUdDVEJtZ0FjQUI0QUlBQkFJZ0JBSkFCQUpnQkFLQUJBYWdCQWJBQkFMa0J4UEFpZ3gyVnNEX0JBYVpjUnR5aFBiWV95UUVBQUFBQUFBRHdQOWtCUURCSGo5X2I1el9nQWF6aGpBUDFBWlp0dnoyWUFnQ2dBZ0cxQWdBQUFBQzlBZwE58JBEZ0F0UFN6QnpvQXNIUXhJd0c4Z0lEYzJJeC1BSUFnQU1CbUFNQm9nTVRDTlBTekJ3UUFSZ0FMV29MdVQ0eUEzTmlNYUlERXdqVDBzd2NFQWtZQUMxcUM3ay1NZ056WWpHNkF3bEdVa0V4T2pVME5EYmdBX01zZ0FTMXc1UUhpQVNOeEpRSGtBUUJtQVFCd1FRAZUJAQhNa0UJCQEBCERSQgEHNEFBQXdDRkEyQVFBOFFRAQ8JAUhJSUZIQWk3d1NVUUFoZ0NJZ0FwCRkFAUx4S1Z5UHd2VW92RC1JQmNZcXFRVQUZHEFBRHdQN0VGDQ0BEARCQgFXHEVCdElkY195BSgcREFUSTNRUDkyKAAAWgUoAQHAUEFfNEFYd1FfQUY1cWJmQl9nRnRLdXdBb0lHQTBkQ1VJZ0dCSkFHQVpnR0FLRUdNegkCLDB6LW9CZ1N5QmlRSgFHDQEAUg0IAQEAWgEFDQEAaA0ITEFBQUM0QmdvLpoCwQEhV2g1emxROnUCKEpiYmR5QUFLQUF4CWuQTXowejg2Q1VaU1FURTZOVFEwTmtEekxFbEFNRWVQMzl2blAxRQFaCQEERmsJCAEBBEdFAQYJAQBHHRgASA0YYE1BaFFIZ0FnZ0VjQ0x2QkpSQUNHQUlpQUMdLDRERXBYSV9DOVNpOFA0azHI9GkBQThEOC7YAolE4ALihFbqAoIBaHR0cHM6Ly9nYXpldHRlLmNvbS9uZXdzL2ZiaS1lbWFpbC1zeXN0ZW0taGFja2VkLXRvLXNlbmQtZmFrZS1jeWJlcmF0dGFjay1hbGVydHMvYXJ0aWNsZV9iNjlmNzYxNy1kOGE3LTU4ZjktYWQxMC1jNjM2ZmQxYjQ2ZGUuaHRtbIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA8kG4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE5NC4zNi4xMTAuMTY1qAQAsgQPCAAQARjAAiBkKAAwADgCuAQAwASr6JMiyAQA0gQOODQzNyNGUkExOjU0NDbaBAIIAeAEAfAEkKzlmQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXzvyv6BQ
QIABAAkAYAmAYAuAYAwQYBITAAAPA_0AazK9oGFgoQCREZAVgQABgA4AYB8gYCCACABwGIBwCgBwG6BwG8UAAYACAAMAA4mAlAAMgHhtkF0gcNCRE6AR4M2gcGCAUJNOAHAOoHAggA8Aem5PEB&s=bfd0ed45c3293273035a2ee6af392125d6c3508f
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:37 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
238cf10c-cafe-4131-91b6-b50cf2d36dd2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A68
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Nov 2021 18:22:37 GMT
pixel
protected-by.clarium.io/ Frame 3A68
68 B
345 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0L2FwcG5leHVzOjMwMHgyNTA=&v=5&s=v31fkfqvlp7&id=eyJwcmViaWQiOnsiYWRJZCI6IjYyN2MwYmZjNWMzNGI1OCIsImNwbSI6MC4wNjA5MjYsInMiOiJkaXYtaW5zdGljYXRvci1hZC0yIiwic3JjIjoiY2xpZW50In0sInRwX2NyaWQiOiJQQjphcHBuZXh1czszMjI1MjQ2ODgifQ%3D%3D&sb=undefined&cb=5850331&h=gazette.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEwyRndjRzVsZUhWek9qTXdNSGd5TlRBPSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbImFwcG5leHVzIl0sImhiX3NpemUiOlsiMzAweDI1MCJdfX0sIndyIjowfQ==
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.213.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-213-64.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:37 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
container.html
547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BD40
6 KB
3 KB
Document
General
Full URL
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202110191325/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 14 Nov 2021 18:22:32 GMT
expires
Mon, 14 Nov 2022 18:22:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
5
alt-svc
clear
impl_v81.js
www.googletagservices.com/dcm/ Frame 3A68
41 KB
17 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v81.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 12:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
17189
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 20:08:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Nov 2022 12:17:20 GMT
jpx.js
cdn.justpremium.com/js/v2.45.427/
310 KB
73 KB
Script
General
Full URL
https://cdn.justpremium.com/js/v2.45.427/jpx.js
Requested by
Host: us.ads.justpremium.com
URL: https://us.ads.justpremium.com/adserve/js.php?zone=116363
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2845cdcb52d51c56c5f2e400de8d052c51a48ec5ac4f368ddf92d367ccd8610a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 12:49:55 GMT
content-encoding
gzip
last-modified
Mon, 08 Nov 2021 12:23:25 GMT
server
AmazonS3
age
538363
etag
W/"ec5b19eb0e2390b9e05df7f203d8fccd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000, s-maxage=2592000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
oe-0dgRtfdz0u6a0O3HTBUV21erRoY6jyNSB3cvDEjyV75JYiWggJQ==
tracking.gif
tracking.justpremium.com/
43 B
332 B
Image
General
Full URL
https://tracking.justpremium.com/tracking.gif?rid=r-9eccc678-1f2e-413a-9d06-ac3ac7e7ea74-38875-11016125&sid=r-2515f23d-e0eb-41a0-b37f-f20c9bf63381-38875-11044062&uid=r-00190529-747a-4e7c-a2d2-2f6b2fefe8c6-38875-11071295&vr=v2.45.427&ru=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tt=1636914157509&siw=0&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.2&vn=eu-central-1&sd=&_c=1947007866&et=&aid=&said=&ei=&fc=&sp=&at=adserver&cid=0&ist=&mg=&dl=&dlt=&ev=&vt=&zid=116363&dr=0&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ias%22%3A%7B%22riskIP%22%3A%22%22%2C%22riskHref%22%3A%5B%5D%2C%22content%22%3A%5B%22IAB_LAWGOVT%22%2C%22IAB_SPORTS%22%5D%7D%7D&ty=ta
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.66.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-66-229.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:37 GMT
Last-Modified
Wed, 23 Jun 2021 07:56:00 GMT
Server
nginx
ETag
"60d2e910-2b"
Content-Type
image/gif
Cache-Control
public, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
event
event.instiengage.com/v1/ Frame
0
0
Preflight
General
Full URL
https://event.instiengage.com/v1/event?event_name=event_question-loaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-232-96.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://gazette.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 14 Nov 2021 18:22:37 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://gazette.com
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
event
event.instiengage.com/v1/ Frame 9F4E
0
117 B
XHR
General
Full URL
https://event.instiengage.com/v1/event?event_name=event_question-loaded
Requested by
Host: product.instiengage.com
URL: https://product.instiengage.com/ceu-code/080a4d92-3b88-41e6-93e3-54900f8f5e52.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-232-96.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:37 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
a2e6874c-bb38-4aea-bb17-ffbbb0faad88
static.instiengage.com/client_images/4b4d600c-49e2-43d5-a96c-62706d8acc9b/ Frame 9F4E
12 KB
12 KB
Image
General
Full URL
https://static.instiengage.com/client_images/4b4d600c-49e2-43d5-a96c-62706d8acc9b/a2e6874c-bb38-4aea-bb17-ffbbb0faad88
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:aa00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d48ebc39595f8a34aab4c58dc632a50c2092d9e5e130235c78ba9b3ed88c858

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 22:34:52 GMT
via
1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
last-modified
Wed, 06 Oct 2021 15:12:41 GMT
server
AmazonS3
age
1367266
etag
"61073e6077dc1eae99a14e81db1c017a"
x-cache
Hit from cloudfront
x-amz-version-id
nMU5ZE208W80JAthZmBZqNWe9LOXsP7T
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
application/octet-stream
content-length
11980
x-amz-cf-id
1cteqOp6jgkXsg2EeKMfXYsaAvsrRiQ95wgaDyhn9j4hMWdoHHVNgw==
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame 9F4E
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 18:58:54 GMT
x-content-type-options
nosniff
age
343423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
48480
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:05:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 10 Nov 2022 18:58:54 GMT
B24895522.319689494;dc_ver=81.235;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=3381720769;ord=rj39ww;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FCXQT1ZyptT82LHijrjGvPwAAAOB6FBRAsT8_QoMDsD_LLa2GxD22P28...
ad.doubleclick.net/ddm/adj/N862064.2542313ZETAGLOBAL/ Frame 3A68
57 KB
24 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N862064.2542313ZETAGLOBAL/B24895522.319689494;dc_ver=81.235;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=3381720769;ord=rj39ww;click=https%3A%2F%2Ffra1-ib.adnxs.com%2Fclick%3FCXQT1ZyptT82LHijrjGvPwAAAOB6FBRAsT8_QoMDsD_LLa2GxD22P28dRiBjLrZOE-zB2GUH7mHsU5FhAAAAAM0FAwFvDgAA9SAAAAIAAAAQVjkTlu0dAAAAAABVU0QAVVNEACwB-gDfRwAAAAABAQUCAAAAAKgATyLszgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Wh5zlQj21akYEJCs5ZkBGJbbdyAAKAAxMzMzMzMz0z86CUZSQTE6NTQ0NkDzLElAMEeP39vnP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAMAhQHgAggEcCLvBJRACGAIiACkAAAAAAAAAADEpXI_C9Si8P4kBAAAAAAAA8D8.%2Fcca%3DODQzNyNGUkExOjU0NDY%3D%2Fbn%3D93318%2Fclickenc%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html$0;xdt=0;crlt=xn_F6tDrY6;gcsr=m;sttr=92;prcl=s
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
cffa54a23c9578606b2d8d773b7ef00e8629693bf74ca630e58bba1d2c5f1926
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
clear
content-length
24276
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame BD40
1 KB
921 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Nov 2021 18:20:46 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame BD40
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuMmb7FORYfXGPNXcxwKHjpGoDcjrvJxmkpqVupsO29keEAEg6fe2T2C7vq6D0AqgAbDpov4DyAEGqQLXvtnHzYC2PuACAKgDAcgDmwSqBNcCT9AEuDdi91HVNXn0f6my9s9t88_sBS65vaDf7zyqvBewcZpsU6-55sb4Ij6h9qzUGzp_szdpz5wQNHiYj96AdOcR0LUDKqkMexypZXu7zZbHLnaD4Q4EFlegJZt5AY5jfyYFNn4eJu7TKoOGO3ZdVWqeUbqN55LQaQxtEN4FZj-VKRixHiS7byIj6AGBfQcBkwZ90SZmWiHOmZMxmGpk0pl6Q8F1CccdIPaHQg9GlMnb7VHYp8ib0s3iaViSSWvxfTn2haZ8YIDsZtM7WmFvgqlxfWiZkDMZZDBjd0ybTLpp4T39LZulAS0OCsTpWXaNisc7jqC0-wpraYJiKponhbPPtdz09p6iQFfnbjYL4xS33ZHJ6aIrgbggh3lF0_sobHAHT0TkxKIEpE6XtTignf0pCyTRXHLFm4IpJODErqDNNcu-oa7Q2sfdFkpkPGI1TNR7V-NyQsAEnum39eQD4AQBoAY3gAe4lt0BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ2K4B0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi00MTY3ODQ4NzA1MDI3ODMzgAoDyAsB2BMDiBQB0BUBmBYBgBcBshceChwIABIUcHViLTc2MzA5NjExNjM2NDMxMzcYob8V&sigh=HY9kdTTpeRw&uach_m=[UACH]&template_id=492
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame BD40
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
7882
x-xss-protection
0
server
cafe
etag
2787528384799239804
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Nov 2021 18:18:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame BD40
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Nov 2021 18:20:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BD40
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Nov 2021 18:22:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame BD40
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
6461
x-xss-protection
0
server
cafe
etag
16025856826866802794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Nov 2021 18:21:28 GMT
c5d443f94f59031b290788a54ae3dbc2.js
www.gstatic.com/mysidia/ Frame BD40
27 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 09:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
11508
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 03:19:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 10 Feb 2022 09:00:33 GMT
pixel
protected-by.clarium.io/ Frame BD40
68 B
345 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_RnNlZXpfLW5EeVdRWElKc2Jub0trS1RIWEM0LzIxMjQ4OTY1NjA6MzM2eDI4MA==&v=5&s=v31fkfqvm3v&id=eyJkZnAiOnsiYWQiOjQ0MjU0NjU4MDMsImMiOm51bGwsImwiOjAsIm8iOjIxMjQ4OTY1NjAsIkEiOiIvMjc3OTQxNjEvZ2F6ZXR0ZS5jb21fV2ViXzMwMHgyNTBfMSIsInkiOjIwOTkwNCwiY28iOjAsInMiOiJkaXYtaW5zdGljYXRvci1hZC0xIn19&sb=undefined&cb=3346063&h=gazette.com&d=eyJ3aCI6IlJuTmxaWHBmTFc1RWVWZFJXRWxLYzJKdWIwdHJTMVJJV0VNMEx6SXhNalE0T1RZMU5qQTZNek0yZURJNE1BPT0iLCJ3ZCI6eyJvIjoyMTI0ODk2NTYwLCJ3IjoiMzM2IiwiaCI6IjI4MCJ9LCJ3ciI6Mn0=
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.213.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-213-64.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:37 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/10023253969602252667/ Frame BD40
21 KB
21 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10023253969602252667/downsize_200k_v1?w=400&h=209
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef5624bcbfc1c50624726921c666257cd396e6695714b298b69b46713752a80f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 10 Nov 2021 00:21:45 GMT
x-content-type-options
nosniff
age
410452
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
21728
x-xss-protection
0
last-modified
Mon, 01 Nov 2021 22:13:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Nov 2022 00:21:45 GMT
truncated
/ Frame BD40
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ce5ab0260a7860ea167511114f1b2a1a8c5dff2b1a3885e2c2e70fb54c4e7a9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
views
prod-cosprings-proxy-connext.azurewebsites.net/api/
64 B
1 KB
Fetch
General
Full URL
https://prod-cosprings-proxy-connext.azurewebsites.net/api/views?UserId=26995d07a43c7e5c94d65d1c577b088a&ConfigCode=GAZETTECONFIG&SiteCode=GAZETTE
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/cosprings/t8y9347t.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
26a3fabdf71141620385737bed9c17655464346664a470a1bdd006c96660d940

Request headers

authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE3MDg5MTQxNTR9.n1OxUexSiBnj4Fk4vuhC4GRtsjKCd4LnVsOX3TYdmZ0
source-system
Plugin
site-code
GAZETTE
autoqa
false
Accept-Language
en-GB,en;q=0.9
settingskey
null
ssid
68896ad7368dd4a0a3fbdea062053cab
environment
prod
config-code
GAZETTECONFIG
access-control-allow-origin
*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type
application/json
location
System
accept
application/json
Referer
https://gazette.com/
version
Version: 2.7.2

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
Content-Encoding
gzip
Expires
-1
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
176
X-Server-Time
11/14/2021 6:22:38 PM
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
views
prod-cosprings-proxy-connext.azurewebsites.net/api/ Frame
0
0
Preflight
General
Full URL
https://prod-cosprings-proxy-connext.azurewebsites.net/api/views?UserId=26995d07a43c7e5c94d65d1c577b088a&ConfigCode=GAZETTECONFIG&SiteCode=GAZETTE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin
https://gazette.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By
ASP.NET
Date
Sun, 14 Nov 2021 18:22:38 GMT
Content-Length
0
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 3A68
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gazette.com/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 09:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30897
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 09:47:40 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 3A68
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
3140
x-xss-protection
0
server
cafe
etag
17163059639670574047
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Nov 2021 18:22:11 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3A68
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 09:47:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30899
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 14 Nov 2022 09:47:38 GMT
B26765432.319757296;dc_pre=CJaVobe8mPQCFSET0wodL7cKHg;dc_trk_aid=512210169;dc_trk_cid=161018467;ord=1668776313;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1318168.2542313ZETAGLOBAL/ Frame 3A68
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1318168.2542313ZETAGLOBAL/B26765432.319757296;dc_trk_aid=512210169;dc_trk_cid=161018467;ord=1668776313;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
  • https://ad.doubleclick.net/ddm/trackimp/N1318168.2542313ZETAGLOBAL/B26765432.319757296;dc_pre=CJaVobe8mPQCFSET0wodL7cKHg;dc_trk_aid=512210169;dc_trk_cid=161018467;ord=1668776313;dc_lat=;dc_rdid=;ta...
42 B
118 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1318168.2542313ZETAGLOBAL/B26765432.319757296;dc_pre=CJaVobe8mPQCFSET0wodL7cKHg;dc_trk_aid=512210169;dc_trk_cid=161018467;ord=1668776313;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
142.250.74.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:37 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1318168.2542313ZETAGLOBAL/B26765432.319757296;dc_pre=CJaVobe8mPQCFSET0wodL7cKHg;dc_trk_aid=512210169;dc_trk_cid=161018467;ord=1668776313;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 51B3
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3695&pub_id=1570890
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 08 Nov 2021 04:31:53 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 14 Nov 2021 18:22:37 GMT
Age
32126
X-Served-By
cache-lga21983-LGA, cache-lcy19252-LCY
X-Cache
HIT, HIT
X-Cache-Hits
3, 207264
X-Timer
S1636914158.940123,VS0,VE0
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame 3A68
0
805 B
Script
General
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&e=wqT_3QLZBKBZAgAAAwDWAAUBCOynxYwGENOhuu3LvviPAhiT2IfG3eyB92EqNgkAAAkCABEJBywAABkAAAAgXI8KQCEREgApEQn0dQExAAAAoJmZyT8wyYuMCDjvHEDvHEgAUABYltt3YABo349ReIbZBYABAYoBAJIBA1VTRJgBwAKgAWSoAQGwAQC4AQDAAQDIAQDQAQDYAQDgAQDwAQDYAolE4ALihFbqAoIBaHR0cHM6Ly9nYXpldHRlLmNvbS9uZXdzL2ZiaS1lbWFpbC1zeXN0ZW0taGFja2VkLXRvLXNlbmQtZmFrZS1jeWJlcmF0dGFjay1hbGVydHMvYXJ0aWNsZV9iNjlmNzYxNy1kOGE3LTU4ZjktYWQxMC1jNjM2ZmQxYjQ2ZGUuaHRtbIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA8kG4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE5NC4zNi4xMTAuMTY1qAQAsgQPCAAQARjAAiBkKAAwADgCuAQAwAQAyAQA2gQCCADgBADwBACIBQGYBQCgBQDABQDJBQAAAAAAAPA_0gUJCQAAACV-aNgFAeAFAPAFAPoFBAgAEACQBgCYBgC4BgDBBgUgHAAAANoGFgoQAQkuAQBYEAAYAOAGAPIGAggAgAcBiAcAoAcAugcBlVAAGAAgADAAOJgJQADIB4bZBdIHDQkRPAEeCNoHBgFrPBgA4AcA6gcCCADwB6bk8QE.&s=03c352ac6bab918bedc3806826ac113f81801589&bdref=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html,https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:37 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b968c028-32e5-4e7a-94f6-41ca56c97470
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BA21
1 KB
845 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 14 Nov 2021 13:26:12 GMT
expires
Mon, 15 Nov 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
17785
cache-control
public, max-age=86400
alt-svc
clear
truncated
/ Frame BD40
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23532415e93570edd013faf223d958a9e8d69cb05ee55c2d46aba25c43aa5bd3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3A68
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cdf62c1e8457fbdfc501be5b8588d23eccdf8373bfd14cfad9a3c05961c22e4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
vevent
fra1-ib.adnxs.com/ Frame 3A68
0
823 B
Ping
General
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&e=wqT_3QLbDPD9WwYAAAMA1gAFAQjsp8WMBhDvupiCssyL204Yk9iHxt3sgfdhKjYJCXQT1ZyptT8RNix4o64xrz8ZAAAA4HoUFEAhsT8_QoMDsD8pyy2thsQ9tj8xAAAAYGZm1j8wzYuMCDjvHED1QUgCUJCs5ZkBWJbbd2AAaN-...-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE5NC4zNi4xMTAuMTY1qAQAsgQPCAAQARjAAiBkKAAwADgCuAQAwASr6JMiyAQA0gQOODQzNyNGUkExOjU0NDbaBAIIAeAEAfAEkKzlmQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXzvyv6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0AazK9oGFgoQCREZAVgQABgA4AYB8gYCCACABwGIBwCgBwG6BwG8UAAYACAAMAA4mAlAAMgHhtkF0gcNCRE6AR4M2gcGCAUJNOAHAOoHAggA8Aem5PEB&s=bfd0ed45c3293273035a2ee6af392125d6c3508f&type=nv&nvt=5&jm=1003&px=1348&py=3486&bw=300&bh=250&sid=8864165251720586201&vd=ct~0|rr~0&sv=221&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=16975309&cid=3&cr=nv&sw=1600&sh=1200&pw=1973&ph=7496&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/221/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
bee1461c-625f-472e-bf36-aa0a2f133fa1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://gazette.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
id
id.crwdcntrl.net/
63 B
335 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.226.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-226-253.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
48f597dafcaf4a25013deb2cb5e3d118e16a44854a33bcd179048ba73a593985

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://gazette.com
cache-control
no-cache
x-server
10.45.21.217
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/
108 B
539 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8&fmt=json
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e9f84dc5455ceb4acea9c510c0c1fbeb07547b45538376bb763a510f830d698f

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gazette.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 14 Dec 2021 18:22:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3A68
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvI016GAjXFyDUvKCuPA37s_0pTE7-uz39P91gTXjFyrLDQGa_mo2kbsbQBkt9wiX6IwIJdvivXj9BIpn8F9Ie1SbOOzkyBzJibx7dhQAsCFCqvz_WOvDIPhIDt761eS_ZNBs0uHptWs9aUOXI0npkHw83p3_g42R2CwVhOM0l_DWonQiLG0rwhoAP_dg0n3YGE2EmSwRq0XL_1g1nZua-yzBNu6e9XM1KfXjPNa3QtitkfiK2J-KYkm-2TaOyAp5F7FXJ7IIOZzjnK_ojdM1DGs4GSMHB7rPokpPJTVzrw0HVOphtEC0XNRtycxBKfjYl-BXoCuA&sig=Cg0ArKJSzGQtkzzOawcEEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 14 Nov 2021 18:22:38 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F4F0
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Sun, 14 Nov 2021 09:47:38 GMT
expires
Mon, 14 Nov 2022 09:47:38 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
30900
alt-svc
clear
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A68
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Nov 2021 18:22:38 GMT
index.html
s0.2mdn.net/10392302/1636478485799/300x250/ Frame 7C24
5 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4863e495ac4c7b63975b0942fb92372c342ea3ea27cca8624e2f85ef258af169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
1542
date
Sun, 14 Nov 2021 00:49:35 GMT
expires
Mon, 15 Nov 2021 00:49:35 GMT
last-modified
Tue, 09 Nov 2021 17:21:25 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
63183
cache-control
public, max-age=86400
alt-svc
clear
view
googleads4.g.doubleclick.net/pcs/ Frame 3A68
0
399 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFPekGXQbxbqu2a9X_8o7uxDHYsjlBL1aSa6sK01GwJJgpkPDJemXyUDmeiNPCoTLb9Ly0uinLvo71xmkYlHnukKu5SwrsU1Bh3zzpoedDNRz2F3rYH76iHD8WwTd9DjWYMHtOuFZoA8LLKDY&sig=Cg0ArKJSzNSNRsdNxnGvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=271&cbvp=1&cstd=266&cisv=r20211109.24812&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
async_usersync
ib.adnxs.com/ Frame 51B3
0
733 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3695&pub_id=1570890&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3695&pub_id=1570890
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
45303f53-714d-49d7-a1b7-a81aa105d95b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BA21
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEFMUCZcXE1_eH9PWh51AXak&google_cver=1&google_push=AYg5qPJL-LvosViFLLBt33y28p0UFcNSHbhzZQc14Vlb-Gxjro9kwM3yrqGXbYwQJyKcMh_wVdtq_Nt6wEFOmRg8SEdpAouSl0Tr
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJL-LvosViFLLBt33y28p0UFcNSHbhzZQc14Vlb-Gxjro9kwM3yrqGXbYwQJyKcMh_wVdtq_Nt6wEFOmRg8SEdpAouSl0Tr&google_hm=e-3hsVnSzIkyQOwaOqEFuQ==
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJL-LvosViFLLBt33y28p0UFcNSHbhzZQc14Vlb-Gxjro9kwM3yrqGXbYwQJyKcMh_wVdtq_Nt6wEFOmRg8SEdpAouSl0Tr&google_hm=e-3hsVnSzIkyQOwaOqEFuQ==
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJL-LvosViFLLBt33y28p0UFcNSHbhzZQc14Vlb-Gxjro9kwM3yrqGXbYwQJyKcMh_wVdtq_Nt6wEFOmRg8SEdpAouSl0Tr&google_hm=e-3hsVnSzIkyQOwaOqEFuQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
bdm6jtnk7rfore0h5k7qm2j99nq9if9a
pixel
cm.g.doubleclick.net/ Frame BA21
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SsTWZ-_6ROSHgHgOcJeUbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SsTWZ-_6ROSHgHgOcJeUbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI8JJms8jpzcygOmc3RpeE2VW1bas6WxWHF6oatD8J43NvHCWeYesbjAAvfbGT3Z8f04ezR8sx8n9P9Z9MN_3O_XGJMxUKJRw
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SsTWZ-_6ROSHgHgOcJeUbw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI8JJms8jpzcygOmc3RpeE2VW1bas6WxWHF6oatD8J43NvHCWeYesbjAAvfbGT3Z8f04ezR8sx8n9P9Z9MN_3O_XGJMxUKJRw
date
Sun, 14 Nov 2021 18:22:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync.php
pixel.rubiconproject.com/exchange/ Frame BA21
0
0

pixel
cm.g.doubleclick.net/ Frame BA21
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEBXZY455P4zG2TNXCEiRHU&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEBXZY455P4zG2TNXCEiRHU&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&google_cver=1&google_push=AYg5qPIlV8xjb92SZCExAhLlIo3ihLtQb0Btytb6pTCwd5MrsK9LbmtVcZQDiJB5MQYuaR3c2L-r...
0
0

us
sync.go.sonobi.com/ Frame BA21
0
474 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPIRoqU4fjLkUklbZ9pCie-EZkApjNaTVCr1VzaLDIPq7FHBPVIEXt0DJPhgahKLovLyf5xoSsASivc1eiEt45p63caTWBghxQ%26google_hm%3D%5BUID%5D&google_gid=CAESEAk80LmEF5pBCdl6Jlve0ow&google_cver=1
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BA21
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN...
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPI6asvkBMzAvyD_ltvlX...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI6asvkBMzAvyD_ltvlXSgRQ6zKAwIaem864zmc-fFGQf7zZXW5gYmPk4nw5Dtr0bNvUVgJ25RF_hIffvoQt_S06Ux4JAAnYA&google_hm=A-p2J0vG2khcrezUieNFoRg
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI6asvkBMzAvyD_ltvlXSgRQ6zKAwIaem864zmc-fFGQf7zZXW5gYmPk4nw5Dtr0bNvUVgJ25RF_hIffvoQt_S06Ux4JAAnYA&google_hm=A-p2J0vG2khcrezUieNFoRg
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI6asvkBMzAvyD_ltvlXSgRQ6zKAwIaem864zmc-fFGQf7zZXW5gYmPk4nw5Dtr0bNvUVgJ25RF_hIffvoQt_S06Ux4JAAnYA&google_hm=A-p2J0vG2khcrezUieNFoRg
date
Sun, 14 Nov 2021 18:22:38 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXea76274bc6da485cadecd489e345a118003
content-type
text/html
sync
ssbsync.smartadserver.com/api/ Frame BA21
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIniiEVV2xNyQCHYjOTtfUQ&google_cver=1&google_push=AYg5qPKvIl8xjJonRlvL4ucP8SYOFu9uzlwVVa-F2mV7J4h7fWuViC5fPcvonGCbMREejlL7UahtPx3GBooPN6dR-qsDAdQvO3TTvQ
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame BA21
0
107 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6_Z_MstE_gnYSsAm38nyZbsdypeiN6CII9K9z-FUX84Htu0LFo-MBe323tW7LnPbqCLXw
Requested by
Host: 547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com
URL: https://547e6e857879b75c07124f317d026f72.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
server
HTTP server (unknown)
alt-svc
clear
content-length
0
x-xss-protection
0
content-type
text/html
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame F4F0
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 16:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
5707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Nov 2022 16:47:31 GMT
/
id.a-mx.com/sync/ Frame BC3D
0
0

usync.html
eus.rubiconproject.com/ Frame 1F05
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Nov 2021 18:22:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame E749
2 KB
823 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1636914154918
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
pd
eu-u.openx.net/w/1.0/ Frame 173C
1006 B
863 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
7e9502396b2581cf5d4fd513c9ca9c03632653042987e0ef651dd74064ef636f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 14 Nov 2021 18:22:38 GMT
content-type
text/html
content-length
544
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0D35
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=83363
expires
Mon, 15 Nov 2021 17:32:01 GMT
date
Sun, 14 Nov 2021 18:22:38 GMT
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 8635
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sun, 14 Nov 2021 18:22:38 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame B162
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 08 Nov 2021 04:31:53 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 14 Nov 2021 18:22:38 GMT
Age
32126
X-Served-By
cache-lga21983-LGA, cache-lcy19252-LCY
X-Cache
HIT, HIT
X-Cache-Hits
3, 207266
X-Timer
S1636914158.238477,VS0,VE0
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 3249
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13395636
  • https://ap.lijit.com/beacon?informer=13395636&dnr=1
5 KB
2 KB
Document
General
Full URL
https://ap.lijit.com/beacon?informer=13395636&dnr=1
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13877/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
3c18a19a75aa33b96fe1fecf3c8bf7812818f4eeaf36cd43236d19ed8d6bec93

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Server
nginx
Date
Sun, 14 Nov 2021 18:22:38 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap7ams1

Redirect headers

Server
nginx
Date
Sun, 14 Nov 2021 18:22:38 GMT
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon?informer=13395636&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap7ams1
/
onetag-sys.com/usync/ Frame BC3D
0
52 B
Image
General
Full URL
https://onetag-sys.com/usync/?tag=img
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
activeview
pagead2.googlesyndication.com/pcs/ Frame 6B8F
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJwnkMPW4rf3Vuxx3FlkjxStWeypOZn58pQKesmfF1uPFoExu0ybgl-GniLCdMNLXUkdymOp3WDr2mdlztNkAEw8kFZoxKtcFStDytKQK-kGUTMZq-&sig=Cg0ArKJSzNM4-Sc4peUoEAE&id=lidar2&mcvt=1037&p=671,1180,921,1480&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=954955562&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636914155772&rpt=1420&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 40CC
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9sZeG8qay0tacggIlP7sqFFkNYA_E_cO2-BHm5U88XHB0TVshndsa3P-b_nH1ZQYCclS8FaEyEyVpMo9U0cyIvGgYk-YHbRQC6tzcnRCasuB6_V3t&sig=Cg0ArKJSzH59V9h7bd-xEAE&id=lidar2&mcvt=1038&p=269,436,359,1164&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3718738988&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636914155645&rpt=1526&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bannerify.css
s0.2mdn.net/10392302/1636478485799/300x250/ Frame 7C24
3 KB
878 B
Stylesheet
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de2458d8e72279628062bc53bca3f18d87b1132a04e385d3a115a63c883d26c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 04:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49032
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
778
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 04:45:26 GMT
2122792.jpg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
19 KB
19 KB
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122792.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ae7208e6db89989a60daa793981e1cd0f29020b434ad735bd2dea7a704fd5dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:37 GMT
x-content-type-options
nosniff
age
63181
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
19241
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:37 GMT
2122796.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
162 B
227 B
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122796.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59c3fdc9374d441d370c498afc7a42521f902cb7c1d035f7fb4898c3cf5da423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63181
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
151
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:37 GMT
2122797.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
459 B
313 B
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122797.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e45e1d04daf98fd1558c77c1c047c6b83a8b2e148d9bddd93b12d8111ecd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63180
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
248
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122803.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
2 KB
1010 B
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122803.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb935cc05135c50bf5fd1f43b36d19555b6d7429a32a176cbbd9a0333ce666f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63180
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
945
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122804.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
11 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122804.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef8a8ca911c150883a403abc9fb10f0f622b7e5d3604b5efa9de1e3040b49bb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63180
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
2303
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122805.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
4 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122805.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e05904054b6def1b931444c8df632cad0497c74c92e01cdadd2b6c238ddc0b45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63180
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1510
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122806.png
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
132 B
202 B
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122806.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da3cba018faf3b460d8db232de1c521bb23ff53f21d7f904ec8fdca2e95fb50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
x-content-type-options
nosniff
age
63180
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
132
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122807.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
16 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122807.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca4a5654625775ae159b47b98ca6632a7e34940d064455f3ff03d51b5fcc63c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63180
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
6862
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
bannerify.js
s0.2mdn.net/10392302/1636478485799/300x250/ Frame 7C24
2 KB
688 B
Script
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecc9a3daeb4f9363f5101294b2bb0d2da1ff1aac1751fb8c84e0276395ccc292
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63180
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
583
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
/
id.a-mx.com/sync/ Frame 12AD
0
0

/
onetag-sys.com/usync/ Frame 1CD1
2 KB
823 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1636914154919
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 35F5
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 08 Nov 2021 04:31:53 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 14 Nov 2021 18:22:38 GMT
Age
32126
X-Served-By
cache-lga21983-LGA, cache-lcy19252-LCY
X-Cache
HIT, HIT
X-Cache-Hits
3, 207267
X-Timer
S1636914158.327814,VS0,VE0
Vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 4446
5 KB
2 KB
Document
General
Full URL
https://ap.lijit.com/beacon?informer=13395636
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
096139040233805c0c6ef35c3ebf2736ce5df153d3d340277d96aebe58fe1ef0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Server
nginx
Date
Sun, 14 Nov 2021 18:22:38 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap7ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6710
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=83363
expires
Mon, 15 Nov 2021 17:32:01 GMT
date
Sun, 14 Nov 2021 18:22:38 GMT
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame B209
815 B
807 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
88b13d227943f0a6436e4a6a9feee2b0331bd923efcc89d525fb72f543243f22

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 14 Nov 2021 18:22:38 GMT
content-type
text/html
content-length
480
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ixmatch.html
js-sec.indexww.com/um/ Frame 91C8
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sun, 14 Nov 2021 18:22:38 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame C49B
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn1.opstag.com
URL: https://cdn1.opstag.com/13875/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Nov 2021 18:22:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 12AD
0
52 B
Image
General
Full URL
https://onetag-sys.com/usync/?tag=img
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
sd
eu-u.openx.net/w/1.0/ Frame 173C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=eM6dyD7x1MMk9g5
43 B
61 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=eM6dyD7x1MMk9g5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
Server
PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-0b2a0a0a5201c51fd@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=eM6dyD7x1MMk9g5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 173C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=418307b3-2efe-4ae7-aa7c-feaa2462db53&ssp=openx&gdpr=&gdpr_consent=
43 B
324 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=418307b3-2efe-4ae7-aa7c-feaa2462db53&ssp=openx&gdpr=&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=418307b3-2efe-4ae7-aa7c-feaa2462db53&ssp=openx&gdpr=&gdpr_consent=
Date
Sun, 14 Nov 2021 18:22:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sd
eu-u.openx.net/w/1.0/ Frame 173C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7056585800145824787
43 B
61 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7056585800145824787
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
63a00eed-847e-4de3-8244-e0b429ed4227
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=7056585800145824787
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
redir
rtb-csync.smartadserver.com/ Frame 173C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUF3d2prN0RJcWdBQURONnFnQzVpdw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAKNLU7DIqgAACi-pB65dg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAKNLU7DIqgAACi-pB65dg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAKNLU7DIqgAACi-pB65dg&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAKNLU7DIqgAACi-pB65dg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAKNLU7DIqgAACi-pB65dg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
HTTP/1.1
Server
185.86.138.144 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAKNLU7DIqgAACi-pB65dg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
sd
eu-u.openx.net/w/1.0/ Frame 173C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1e066191-53ea-4000-9f9b-18f43ac809c2
43 B
61 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1e066191-53ea-4000-9f9b-18f43ac809c2
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 14 Nov 2021 18:22:38 GMT
Server
MT3 4103 f8fad19 master zrh-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=1e066191-53ea-4000-9f9b-18f43ac809c2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 14 Nov 2021 18:22:37 GMT
sd
us-u.openx.net/w/1.0/ Frame 173C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=84iDLvCK33ro2Iop9Y6XJqOJiifoiYMv_N15Q5VL
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=84iDLvCK33ro2Iop9Y6XJqOJiifoiYMv_N15Q5VL
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=84iDLvCK33ro2Iop9Y6XJqOJiifoiYMv_N15Q5VL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 173C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1862826982252112349
43 B
61 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1862826982252112349
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1862826982252112349
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 173C
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=a4bb6b8d-f054-75a7-d434-a0ade9b83f03&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 173C
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODhkNGI4NDctMzkyMy0yYjAzLWMxZDQtZmExNDIzNWFmMTYz
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 173C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOzVHbqLf8kpyHUI7KQCjqQ&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOzVHbqLf8kpyHUI7KQCjqQ&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOzVHbqLf8kpyHUI7KQCjqQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B162
0
733 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
1ddf3345-e526-43bc-a975-c4451a228cbd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 3249
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
0
745 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame 3249
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
0
0
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
54.239.37.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
D5D0P0QDAE9Q4975VBS2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 3249
0
0

merge
ce.lijit.com/ Frame 3249
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1636914158285&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=7D9AC2D8259445E88129DB1CF0ECA8C4
0
745 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=7D9AC2D8259445E88129DB1CF0ECA8C4
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 14 Nov 2021 18:22:38 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=7D9AC2D8259445E88129DB1CF0ECA8C4
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 13 Nov 2021 18:22:38 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 3249
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Content-Type
image/gif
merge
ce.lijit.com/ Frame 3249
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=a94ec1c46f1f87cb5c34bd81&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:f62a2bbdb84a4c4fedf4a1770feb5d28
0
919 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:f62a2bbdb84a4c4fedf4a1770feb5d28
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 14 Nov 2021 18:22:38 GMT
server
Aorta/20211029.2f91d75
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:f62a2bbdb84a4c4fedf4a1770feb5d28
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-22-90.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
generic
data.adsrvr.org/track/cmf/ Frame 3249
70 B
264 B
Image
General
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame 3249
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5021200557
  • https://sync.1rx.io/usersync/tradedesk/5d37eff7-cbdd-41f5-a1e6-a7dab2310826
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-ea76274b-c6da-485c-adec-d489e345a118-003
  • https://ce.lijit.com/merge?pid=56&3pid=RX-ea76274b-c6da-485c-adec-d489e345a118-003
0
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-ea76274b-c6da-485c-adec-d489e345a118-003
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=56&3pid=RX-ea76274b-c6da-485c-adec-d489e345a118-003
date
Sun, 14 Nov 2021 18:22:39 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXea76274bc6da485cadecd489e345a118003
content-type
text/html
merge
ce.lijit.com/ Frame 3249
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=7056585800145824787&gdpr=0&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=12&3pid=7056585800145824787&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4b14e68e-2b23-4633-9051-32dba52d98c5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=7056585800145824787&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 3249
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_uid=418307b3-2efe-4ae7-aa7c-feaa2462db53
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=fmx&bsw_uid=418307b3-2efe-4ae7-aa7c-feaa2462db53
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=5e218d54-1ab9-4bff-9ae3-10fb68131e12&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=418307b3-2efe-4ae7-aa7c-feaa2462db53
0
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=26&3pid=418307b3-2efe-4ae7-aa7c-feaa2462db53
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=418307b3-2efe-4ae7-aa7c-feaa2462db53
Date
Sun, 14 Nov 2021 18:22:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 3249
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=5134455419450933626
0
745 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=10&3pid=5134455419450933626
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=5134455419450933626
Date
Sun, 14 Nov 2021 18:22:38 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
101957
jadserve.postrelease.com/suid/ Frame 3249
43 B
427 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.67.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-67-232.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
merge
ce.lijit.com/ Frame 3249
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=c5c0c37c-3068-4286-afce-8c72e000c93d
0
943 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=87&3pid=c5c0c37c-3068-4286-afce-8c72e000c93d
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=c5c0c37c-3068-4286-afce-8c72e000c93d
Date
Sun, 14 Nov 2021 18:22:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 3249
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AAKNLU7DIqgAACi-pB65dg&gdpr=0
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAKNLU7DIqgAACi-pB65dg&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAKNLU7DIqgAACi-pB65dg&gdpr=0
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
merge
ce.lijit.com/ Frame 3249
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=a94ec1c46f1f87cb5c34bd81&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=3&3pid=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
MT3 4103 f8fad19 master zrh-pixel-x9 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 14 Nov 2021 18:22:38 GMT
tum
ums.acuityplatform.com/ Frame 3249
0
0

merge
ce.lijit.com/ Frame 3249
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=7Elz9ZNhabe00Vbg8Hl6&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=86&3pid=7Elz9ZNhabe00Vbg8Hl6&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=7Elz9ZNhabe00Vbg8Hl6&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT, Sun, 14 Nov 2021 18:22:39 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 3249
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=vk7GKb1Mmn2lHs8uuEjSIe5PzyClT8YosRtyyQNP
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=vk7GKb1Mmn2lHs8uuEjSIe5PzyClT8YosRtyyQNP
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=vk7GKb1Mmn2lHs8uuEjSIe5PzyClT8YosRtyyQNP
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
reporting
ap.lijit.com/dsp/google/ Frame 3249
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=YTk0ZWMxYzQ2ZjFmODdjYjVjMzRiZDgx&gdpr=0
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
43 B
552 B
Image
General
Full URL
https://ap.lijit.com/dsp/google/reporting?gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting?gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 3249
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=xMtxXf4qYirw&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=49&3pid=xMtxXf4qYirw&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-GB
location
https://ce.lijit.com/merge?pid=49&3pid=xMtxXf4qYirw&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-544c4f9c45-qtfrt
expires
-1
noop
px.owneriq.net/ Frame 3249
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/fr/epx.gif
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B
Image
General
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 3249
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTk0ZWMxYzQ2ZjFmODdjYjVjMzRiZDgx&gdpr=0
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTk0ZWMxYzQ2ZjFmODdjYjVjMzRiZDgx&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTk0ZWMxYzQ2ZjFmODdjYjVjMzRiZDgx&gdpr=0
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
PugMaster
image6.pubmatic.com/AdServer/ Frame 0D35
3 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=15271471&p=157898&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
4c423d99ad97c6c65df32f16a5cbaeb919ea95ab61b4187800963476eae61286

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 1F05
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5801a0be03a825391230a9dfebbadcb6b9cec07dd3ba51e38d5a180172c8fd6a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48497
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Mon, 15 Nov 2021 07:50:55 GMT
sd
us-u.openx.net/w/1.0/ Frame B209
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=E99B3E48C4434A599A6D7D9DF36F0440
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=E99B3E48C4434A599A6D7D9DF36F0440
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 14 Nov 2021 18:22:38 GMT
x-content-type-options
nosniff
server
nginx
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=E99B3E48C4434A599A6D7D9DF36F0440
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 13 Nov 2021 18:22:38 GMT
c.html
j.mrpdata.net/ Frame B209
Redirect Chain
  • https://j.mrpdata.net/c.html?ex=OpenX
  • https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
0
0
Image
General
Full URL
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
HTTP/1.1
Server
52.28.175.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-175-201.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

location
https://j.mrpdata.net/c.html?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX
pragma
no-cache
cache-control
no-cache
x-backend
dmc_hitServer_4_e@j4mrpdatanet
Connection
keep-alive
x-deviceid
b90ad3af-6baf-4582-f2bc-34bfce493801
transfer-encoding
chunked
current
openx2-match.dotomi.com/match/bounce/ Frame B209
0
104 B
Image
General
Full URL
https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
sd
us-u.openx.net/w/1.0/ Frame B209
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ox
match.justpremium.com/match/ Frame B209
43 B
323 B
Image
General
Full URL
https://match.justpremium.com/match/ox?ex_uid=ee3aa57d-a7e5-4fcd-862a-269be8cd7c39
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.78.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-78-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame B209
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YZFT7gAAAJTV7ABG
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZFT7gAAAJTV7ABG&_test=YZFT7gAAAJTV7ABG
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZFT7gAAAJTV7ABG&_test=YZFT7gAAAJTV7ABG
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1636914159.025583,VS0,VE0
x-served-by
cache-lcy19275-LCY
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZFT7gAAAJTV7ABG&_test=YZFT7gAAAJTV7ABG
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame B209
Redirect Chain
  • https://green.erne.co/openx/cm
  • https://pixel.onaudience.com/?mapped=bbHKJLzImMxK3apmSHsAX0Su&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%2...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=974e66315ea5176b68295dbf7d19d07b&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%25...
  • https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DbbHKJLzImMxK3apmSHsAX0Su
  • https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=bbHKJLzImMxK3apmSHsAX0Su
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=bbHKJLzImMxK3apmSHsAX0Su
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=bbHKJLzImMxK3apmSHsAX0Su
date
Sun, 14 Nov 2021 18:22:39 GMT
server
openresty
strict-transport-security
max-age=0; includeSubDomains;
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame B209
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3390519196593366163&gdpr=1&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3390519196593366163&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3390519196593366163&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dds
rtb.openx.net/sync/ Frame B209
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=e-3hsVnSzIkyQOwaOqEFuQ==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
6s3la1f7bprei4merh4dkgpbu6ucsb73

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
307c0dc9-60f8-e7ee-e5e3-b65816eff24a
pr-bh.ybp.yahoo.com/sync/openx/ Frame B209
43 B
839 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/307c0dc9-60f8-e7ee-e5e3-b65816eff24a?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=51113032-2363-4e94-85a5-f312b07cd114&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
reporting
ap.lijit.com/dsp/google/ Frame 4446
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=YTk0ZWMxYzQ2ZjFmODdjYjVjMzRiZDgx&gdpr=0
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
43 B
552 B
Image
General
Full URL
https://ap.lijit.com/dsp/google/reporting?gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting?gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 4446
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=fmx
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455419450933626&expires=30&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=418307b3-2efe-4ae7-aa7c-feaa2462db53
0
943 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=26&3pid=418307b3-2efe-4ae7-aa7c-feaa2462db53
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=418307b3-2efe-4ae7-aa7c-feaa2462db53
Date
Sun, 14 Nov 2021 18:22:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 4446
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=nThvnYKWiDWC&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=49&3pid=nThvnYKWiDWC&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-GB
location
https://ce.lijit.com/merge?pid=49&3pid=nThvnYKWiDWC&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-544c4f9c45-qtfrt
expires
-1
merge
ce.lijit.com/ Frame 4446
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AAI1G07DIqgAACirBDYRPA&gdpr=0
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAI1G07DIqgAACirBDYRPA&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAI1G07DIqgAACirBDYRPA&gdpr=0
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
101957
jadserve.postrelease.com/suid/ Frame 4446
43 B
427 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.67.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-67-232.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
merge
ce.lijit.com/ Frame 4446
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1636914158333&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=98C4241FFEF6498F8A96F2CFE007E27E
0
745 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=98C4241FFEF6498F8A96F2CFE007E27E
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 14 Nov 2021 18:22:38 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=98C4241FFEF6498F8A96F2CFE007E27E
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 13 Nov 2021 18:22:38 GMT
generic
data.adsrvr.org/track/cmf/ Frame 4446
70 B
264 B
Image
General
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 4446
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Content-Type
image/gif
noop
px.owneriq.net/ Frame 4446
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6902005581542410281&ref=%2Feucm%2Fp%2Fsv
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B
Image
General
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4446
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTk0ZWMxYzQ2ZjFmODdjYjVjMzRiZDgx&gdpr=0
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTk0ZWMxYzQ2ZjFmODdjYjVjMzRiZDgx&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 14 Nov 2021 18:22:38 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTk0ZWMxYzQ2ZjFmODdjYjVjMzRiZDgx&gdpr=0
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
merge
ce.lijit.com/ Frame 4446
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=a94ec1c46f1f87cb5c34bd81&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:f62a2bbdb84a4c4fedf4a1770feb5d28
0
943 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:f62a2bbdb84a4c4fedf4a1770feb5d28
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 14 Nov 2021 18:22:38 GMT
server
Aorta/20211029.2f91d75
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:f62a2bbdb84a4c4fedf4a1770feb5d28
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-17-246.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
merge
ce.lijit.com/ Frame 4446
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=5124322320276799401
0
745 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=10&3pid=5124322320276799401
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=5124322320276799401
Date
Sun, 14 Nov 2021 18:22:38 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tum
ums.acuityplatform.com/ Frame 4446
0
0

RX-ea76274b-c6da-485c-adec-d489e345a118-003
sync.targeting.unrulymedia.com/csync/ Frame 4446
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3685605022
  • https://sync.1rx.io/usersync/tradedesk/5d37eff7-cbdd-41f5-a1e6-a7dab2310826
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003
43 B
395 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
H2
Server
213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003
pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame 4446
0
0
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.37.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

merge
ce.lijit.com/ Frame 4446
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=vk7GKb1Mmn2lHs8uuEjSIe5PzyClT8YosRtyyQNP
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=vk7GKb1Mmn2lHs8uuEjSIe5PzyClT8YosRtyyQNP
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=vk7GKb1Mmn2lHs8uuEjSIe5PzyClT8YosRtyyQNP
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 4446
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=7Elz9ZNhabe00Vbg8Hl6&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=86&3pid=7Elz9ZNhabe00Vbg8Hl6&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=7Elz9ZNhabe00Vbg8Hl6&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT, Sun, 14 Nov 2021 18:22:39 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 4446
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=7056585800145824787&gdpr=0&gdpr_consent=
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=12&3pid=7056585800145824787&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
75c62ed6-110b-4eb3-acd1-1b12bb9226d9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=7056585800145824787&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 4446
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
0
745 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame 4446
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=c5c0c37c-3068-4286-afce-8c72e000c93d
0
943 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=87&3pid=c5c0c37c-3068-4286-afce-8c72e000c93d
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=c5c0c37c-3068-4286-afce-8c72e000c93d
Date
Sun, 14 Nov 2021 18:22:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 4446
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
merge
ce.lijit.com/ Frame 4446
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=a94ec1c46f1f87cb5c34bd81&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=3&3pid=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
MT3 4103 f8fad19 master zrh-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 14 Nov 2021 18:22:38 GMT
usync.js
eus.rubiconproject.com/ Frame C49B
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5801a0be03a825391230a9dfebbadcb6b9cec07dd3ba51e38d5a180172c8fd6a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48497
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Mon, 15 Nov 2021 07:50:55 GMT
merge
ce.lijit.com/ Frame C8F1
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=8827102409063552111&gdpr=0&gdpr_consent=
43 B
942 B
Document
General
Full URL
https://ce.lijit.com/merge?pid=1&3pid=8827102409063552111&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/

Response headers

Server
nginx
Date
Sun, 14 Nov 2021 18:22:38 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap5ams1

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
location
https://ce.lijit.com/merge?pid=1&3pid=8827102409063552111&gdpr=0&gdpr_consent=
content-length
0
date
Sun, 14 Nov 2021 18:22:37 GMT
0608867b
rtb.gumgum.com/usync/ Frame 21C2
4 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c38acb6a4171c20da3c746768a8fc4588f10f56a8b9f78f67569d2e7a0bddf23

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
etag
W/"089068be2306ba06c3730d5c98bbbd7ad"
timing-allow-origin
*
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 48CF
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=83363
expires
Mon, 15 Nov 2021 17:32:01 GMT
date
Sun, 14 Nov 2021 18:22:38 GMT
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1065
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=83363
expires
Mon, 15 Nov 2021 17:32:01 GMT
date
Sun, 14 Nov 2021 18:22:38 GMT
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 00A5
1 KB
952 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
cad6b94f1543b2f61a48e6eb312970faf9ba155d6b6bf87fb76bac6a04239ddd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 14 Nov 2021 18:22:38 GMT
content-type
text/html
content-length
616
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync
ib.adnxs.com/ Frame 35F5
0
733 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2a2beaa8-c80c-47a2-b823-61e7652e60cd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 61D4
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=83363
expires
Mon, 15 Nov 2021 17:32:01 GMT
date
Sun, 14 Nov 2021 18:22:38 GMT
vary
Accept-Encoding
0608867b
rtb.gumgum.com/usync/ Frame 007F
4 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c38acb6a4171c20da3c746768a8fc4588f10f56a8b9f78f67569d2e7a0bddf23

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
etag
W/"089068be2306ba06c3730d5c98bbbd7ad"
timing-allow-origin
*
content-encoding
gzip
cm
us-u.openx.net/w/1.0/ Frame 2B40
740 B
437 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
ca072d0a6503d08841bbb5e12e8f0db07f90b30f1ac9ddadcf8f3946a94ee5c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 14 Nov 2021 18:22:38 GMT
content-type
text/html
content-length
418
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame 3039
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=8899160003101480047&gdpr=0&gdpr_consent=
43 B
942 B
Document
General
Full URL
https://ce.lijit.com/merge?pid=1&3pid=8899160003101480047&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/

Response headers

Server
nginx
Date
Sun, 14 Nov 2021 18:22:38 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap5ams1

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
location
https://ce.lijit.com/merge?pid=1&3pid=8899160003101480047&gdpr=0&gdpr_consent=
content-length
0
date
Sun, 14 Nov 2021 18:22:37 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4811
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13395636
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=83363
expires
Mon, 15 Nov 2021 17:32:01 GMT
date
Sun, 14 Nov 2021 18:22:38 GMT
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 52D9
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e95ec2cce2536b8c0d0da3ce1dd4b30c47e3de0ebb56b04207b68aa36066e03d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|241|39|51|4|5|88
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1582
Expires
Sun, 14 Nov 2021 18:22:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
Connection
keep-alive
usermatch
ssum-sec.casalemedia.com/ Frame A48D
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
783903ef98ebf40d81aa6164ad724616d5671817e3c08c1e228477a4b97b4828

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|39|241|191|111|195|73
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1730
Expires
Sun, 14 Nov 2021 18:22:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:38 GMT
Connection
keep-alive
view
googleads4.g.doubleclick.net/pcs/ Frame 3A68
0
60 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFPekGXQbxbqu2a9X_8o7uxDHYsjlBL1aSa6sK01GwJJgpkPDJemXyUDmeiNPCoTLb9Ly0uinLvo71xmkYlHnukKu5SwrsU1Bh3zzpoedDNRz2F3rYH76iHD8WwTd9DjWYMHtOuFZoA8LLKDY&sig=Cg0ArKJSzNSNRsdNxnGvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=815&vt=11&dtpt=544&dett=3&cstd=266&cisv=r20211109.24812&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
server
cafe
collect
www.google-analytics.com/g/ Frame 1803
0
45 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-LM5S7ZWXZV&gtm=2oeba1&_p=1503855737&sr=1600x1200&ul=en-us&cid=136574573.1636914153&_s=2&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&dt=Evvnt%20Discovery%20Plugin&sid=1636914152&sct=1&seg=0&en=scroll&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LM5S7ZWXZV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gazette.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
96 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1650202400&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ul=en-us&de=UTF-8&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MeterLevelSet&el=%7B%22MeterDetermineMethod%22%3A%22Dynamic%22%2C%22MeterRuleName%22%3A%221%22%2C%22MeterLevel%22%3A%22Metered%22%7D&_u=aCjACUABBAQCAG~&jid=&gjid=&cid=136574573.1636914153&tid=UA-37551682-2&_gid=873651966.1636914153&gtm=2wgba1MSKGD4T&cd1=1636914158721.h5t3o68j&cd2=26995d07a43c7e5c94d65d1c577b088a&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd8=Not%20Set&cd9=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=article&cd17=1636914158722.0.qa0bcc9mw3r&cd18=Not%20Set&cd20=1.2.0.0&cd7=Metered&cd19=Default&z=158924334
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 13:17:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18324
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1650202400&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ul=en-us&de=UTF-8&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MeterStart&el=%7B%22ConversationName%22%3A%22Not%20Set%22%2C%22MeterLevel%22%3A%22Metered%22%2C%22ConversationDateStarted%22%3A%22Not%20Set%22%2C%22ConversationDateEnded%22%3A%22Not%20Set%22%2C%22ConversationDateExpiratation%22%3A%22Not%20Set%22%2C%22ConversationPaywallLimit%22%3A%22Not%20Set%22%2C%22ArticleViews%22%3A%22Not%20Set%22%7D&_u=aCjACUABBAQCAG~&jid=&gjid=&cid=136574573.1636914153&tid=UA-37551682-2&_gid=873651966.1636914153&gtm=2wgba1MSKGD4T&cd1=1636914158850.ybweaq3&cd2=26995d07a43c7e5c94d65d1c577b088a&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd8=Not%20Set&cd9=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=article&cd17=1636914158850.0.d2kvg52ogzj&cd18=Not%20Set&cd20=1.2.0.0&cd7=Metered&cd19=Default&z=710395986
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 13:17:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18324
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1650202400&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ul=en-us&de=UTF-8&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=ConversationDetermined&el=%7B%22ConversationName%22%3A%22Monthly%20Metered%22%2C%22MeterLevel%22%3A%22Metered%22%2C%22ConversationDateStarted%22%3A%222021-11-14T18%3A22%3A38Z%22%2C%22ConversationDateEnded%22%3A%22Not%20Set%22%2C%22ConversationDateExpiratation%22%3A%222021-12-14T18%3A22%3A38Z%22%2C%22ConversationPaywallLimit%22%3A%222%22%2C%22ArticleViews%22%3A%221%22%7D&_u=aCjACUABBAQCAG~&jid=&gjid=&cid=136574573.1636914153&tid=UA-37551682-2&_gid=873651966.1636914153&gtm=2wgba1MSKGD4T&cd1=1636914158858.r1q8yrke&cd2=26995d07a43c7e5c94d65d1c577b088a&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd8=Monthly%20Metered&cd9=1&cd10=1&cd11=2&cd12=2021-11-14T18%3A22%3A38Z&cd13=2021-12-14T18%3A22%3A38Z&cd14=Not%20Set&cd15=Not%20Set&cd16=article&cd17=1636914158858.0.tur5k9aakvj&cd18=Not%20Set&cd20=1.2.0.0&cd7=Metered&cd19=Default&z=268096080
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 13:17:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18324
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1650202400&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ul=en-us&de=UTF-8&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=PageView&el=%7B%22Page%22%3A%22FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com%22%2C%22ContentType%22%3A%22article%22%2C%22MeterLevel%22%3A%22Metered%22%7D&_u=aCjACUABBAQCAG~&jid=&gjid=&cid=136574573.1636914153&tid=UA-37551682-2&_gid=873651966.1636914153&gtm=2wgba1MSKGD4T&cd1=1636914158891.avvoh1e8i&cd2=26995d07a43c7e5c94d65d1c577b088a&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd8=Monthly%20Metered&cd9=1&cd10=1&cd11=2&cd12=2021-11-14T18%3A22%3A38Z&cd13=2021-12-14T18%3A22%3A38Z&cd14=Not%20Set&cd15=Not%20Set&cd16=article&cd17=1636914158891.0.ka7mgk5l1s&cd18=Not%20Set&cd20=1.2.0.0&cd7=Metered&cd19=Default&z=1328331561
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 13:17:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18324
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 75EB
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=4AC4D667-EFFA-44E4-8780-780E7097946F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 607D
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2869950818122420318
42 B
209 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2869950818122420318
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 14 Nov 2021 18:22:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug010:0:775
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2869950818122420318
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 45FA
43 B
334 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Sun, 14 Nov 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
299132
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0D35
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SsTWZ-_6ROSHgHgOcJeUbw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=83362
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Mon, 15 Nov 2021 17:32:01 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 0D35
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1e066191-53ea-4000-9f9b-18f43ac809c2
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1e066191-53ea-4000-9f9b-18f43ac809c2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
MT3 4103 f8fad19 master zrh-pixel-x30 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1e066191-53ea-4000-9f9b-18f43ac809c2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 14 Nov 2021 18:22:38 GMT
mw
mwzeom.zeotap.com/ Frame 0D35
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=4AC4D667-EFFA-44E4-8780-780E7097946F
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=ba55fc2f1c37e621
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b06e985a-87f2-4a7b-7cb1-1d459992da3a&reqId=a345cd26-28e4-4120-430f-7e26fecc1d4d&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGUYSSlCov-X9u3ajJlTEEM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b06e985a-87f2-4a7b-7cb1-1d459992da3a&reqId=a345cd26-28e4-4120-430f-7e2...
95 B
187 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEGUYSSlCov-X9u3ajJlTEEM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b06e985a-87f2-4a7b-7cb1-1d459992da3a&reqId=a345cd26-28e4-4120-430f-7e26fecc1d4d&zcluid=ba55fc2f1c37e621&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6ae2443e8dcc5a37-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEGUYSSlCov-X9u3ajJlTEEM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=b06e985a-87f2-4a7b-7cb1-1d459992da3a&reqId=a345cd26-28e4-4120-430f-7e26fecc1d4d&zcluid=ba55fc2f1c37e621&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0D35
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEFDNEQ2NjctRUZGQS00NEU0LTg3ODAtNzgwRTcwOTc5NDZG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
340 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:37 GMT
cache-control
no-store, no-cache, private
x-lat
amspug011:0:390
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0D35
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFAPgOhI0Akjjq2oMwAGViI&google_cver=1
42 B
361 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFAPgOhI0Akjjq2oMwAGViI&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:37 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:423
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFAPgOhI0Akjjq2oMwAGViI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 0D35
43 B
415 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 13 Nov 2021 18:22:39 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0D35
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
42 B
339 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:445
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
MT3 4103 f8fad19 master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 14 Nov 2021 18:22:38 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0D35
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3998963926277376459
42 B
543 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3998963926277376459
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:612
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3998963926277376459
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 0D35
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5d37eff7-cbdd-41f5-a1e6-a7dab2310826
42 B
294 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5d37eff7-cbdd-41f5-a1e6-a7dab2310826
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:574
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5d37eff7-cbdd-41f5-a1e6-a7dab2310826
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 0D35
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7056585800145824787&gdpr=0&gdpr_consent=
42 B
209 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7056585800145824787&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:37 GMT
cache-control
no-store, no-cache, private
x-lat
amspug017:0:457
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
7fa3cff4-edb1-4603-b054-819d77fd4165
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7056585800145824787&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
4AC4D667-EFFA-44E4-8780-780E7097946F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0D35
43 B
192 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4AC4D667-EFFA-44E4-8780-780E7097946F?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 0D35
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4AC4D667-EFFA-44E4-8780-780E7097946F&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6z5HRyJE2uWnchBfmnrd4RN6G7vFSjI-~A&gdpr=0&gdpr_consent=
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6z5HRyJE2uWnchBfmnrd4RN6G7vFSjI-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6z5HRyJE2uWnchBfmnrd4RN6G7vFSjI-~A&gdpr=0&gdpr_consent=
date
Sun, 14 Nov 2021 18:22:39 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 0D35
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0IHSZtODjjLL0dth1ofGboCA22_LgNJn39S9L0rR
42 B
424 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0IHSZtODjjLL0dth1ofGboCA22_LgNJn39S9L0rR
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
cache-control
no-store, no-cache, private
x-lat
amspug008:0:552
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0IHSZtODjjLL0dth1ofGboCA22_LgNJn39S9L0rR
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 00A5
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=76&3pid=c855b54d-1ae0-4faa-9388-160b91090051&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
um
sync.teads.tv/ Frame 00A5
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=05b4ec5e-f604-4a08-bcaf-b4806bac0361&r=https://sync.teads.tv/um?eid=64&uid=
  • https://sync.teads.tv/um?eid=64&uid=11c131b0-16d9-4efd-a546-9fd1e0fdff35
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=64&uid=11c131b0-16d9-4efd-a546-9fd1e0fdff35
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 14 Nov 2021 18:22:39 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.teads.tv/um?eid=64&uid=11c131b0-16d9-4efd-a546-9fd1e0fdff35
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
openx
tr.blismedia.com/v1/api/sync/ Frame 00A5
0
141 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
alt-svc
clear
dcm
aax-eu.amazon-adsystem.com/s/ Frame 00A5
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fc6d17f0-ecfe-ce5d-143a-223a818bf4e3
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fc6d17f0-ecfe-ce5d-143a-223a818bf4e3&dcc=t
43 B
645 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fc6d17f0-ecfe-ce5d-143a-223a818bf4e3&dcc=t
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
54.239.37.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YW3HYAPW6GS7QP5H3BJ4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
FEW57BK8WHS1D7EY1P8W
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fc6d17f0-ecfe-ce5d-143a-223a818bf4e3&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 00A5
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=ad801a30-652b-4c39-a36f-1e4a1b66c73f
  • https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=ad801a30-652b-4c39-a36f-1e4a1b66c73f
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662303486113618
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662303486113618
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
123
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ae2443bef025a13-MXP
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662303486113618
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 00A5
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=d9909a52-4577-11ec-8d37-f550d1b46541
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=d9909a52-4577-11ec-8d37-f550d1b46541
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=d9909a52-4577-11ec-8d37-f550d1b46541
Date
Sun, 14 Nov 2021 18:22:38 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
d9909a53-4577-11ec-8d37-f550d1b46541
us.php
gu.dyntrk.com/adx/ox/ Frame 00A5
0
215 B
Image
General
Full URL
https://gu.dyntrk.com/adx/ox/us.php?dynk=o1p3n3x9&callback=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540394477%26val%3D%24USER_ID&gdpr=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.178.20.139 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31193669.ip-51-178-20.eu
Software
proxy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
x-rc
10
server
proxy
content-length
0
content-type
text/plain
fontawesome-webfont.woff2
cdn.czx5eyk0exbhwp43ya.biz/prod/fonts/
2 KB
2 KB
Font
General
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/fonts/fontawesome-webfont.woff2?98120622
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/cosprings/t8y9347t.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6CD4) /
Resource Hash
c9438bf6c7a6122ea18edeb717850798c337311b634d1ab61c374f5e92e08a2a

Request headers

Referer
https://cdn.ayc0zsm69431gfebd.xyz/
Origin
https://gazette.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 14 Nov 2021 18:22:39 GMT
content-md5
4KZHfCb3p1RwzI0cUtcF7g==
age
378927
x-cache
HIT
content-length
1720
x-ms-lease-status
unlocked
last-modified
Thu, 17 Dec 2020 10:16:38 GMT
server
ECAcc (mil/6CD4)
etag
0x8D8A274D72F017A
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
057efef5-001e-0083-1012-d686d2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
100016product_collage_dig.png
cdn.czx5eyk0exbhwp43ya.biz/upload_images/
217 KB
217 KB
Image
General
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/upload_images/100016product_collage_dig.png
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C09) /
Resource Hash
7dd70d179376e832baf53bd2b946e92024e1a47047ba29ba55883dd108bc0bdf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Sun, 14 Nov 2021 18:22:39 GMT
age
378045
x-cache
HIT
content-length
221996
x-ms-lease-status
unlocked
last-modified
Thu, 22 Aug 2019 15:32:02 GMT
server
ECAcc (mil/6C09)
x-ms-blob-committed-block-count
1
etag
0x8D72715E1319E01
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
376d05db-f01e-009d-6514-d65c3f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
i
www.i.matheranalytics.com/
43 B
245 B
Image
General
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&metered=1%7C2&metername=Monthly%20Metered&tv=js-3.0.118&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=6&tid=f4ccdcbc-6445-43c8-82b9-469fce1c7d3e&pid=94f6fbb4-01a1-4536-b3f7-7d1b97ed9a90&dtm=1636914159083&qnm=_matherq&visible=1&tabid=863590bb-d811-42be-920f-ae724d4138f1&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&curl=https%3A%2F%2Fwww.washingtonexaminer.com%2Fnews%2Ffbi-email-system-hacked-send-fake-cyberattack-alerts%3Futm_source%3Dgazette.com%26utm_medium%3Dreferral%26utm_campaign%3Dcsg_news_feed&vp=1600x1200&ds=1973x7496&tofa=1636914152&vid=1&lvidt=1636914152&duid=1d675a9b4f9823b2&fp=2920491789&cid=ma96165&mrk=775313800&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoibW9kYWwiLCJkYXRhIjp7Im1ldGVyIjp7ImlkIjoiMiIsIm5hbWUiOiJNZXRlcmVkIiwibWV0aG9kIjoiRHluYW1pYyJ9LCJjYW1wYWlnbiI6eyJpZCI6IjEwMDAyOSIsIm5hbWUiOiJHYXpldHRlIERlZmF1bHQifSwiY29udmVyc2F0aW9uIjp7Im5hbWUiOiJNb250aGx5IE1ldGVyZWQiLCJvcmRlciI6IjIifSwiYWN0aW9uIjp7Im5hbWUiOiJQYXl3YWxsIE1vZGFsIC0gbWV0ZXIgdmlldyAxIiwidHlwZUlkIjoiMiIsInR5cGVOYW1lIjoibW9kYWwiLCJvcmRlciI6IjEifX0sInZlbmRvciI6Im1nMiIsInR5cGUiOiJ1bmtub3duIn0sImtleXdvcmRzIjpbIm5ld3MiLCJ1cy13b3JsZCIsIndleCJdLCJpZGVudGl0aWVzIjpbeyJ0eXBlIjoibWcyIiwiaWQiOiIyNjk5NWQwN2E0M2M3ZTVjOTRkNjVkMWM1NzdiMDg4YSIsInJlZlRpbWUiOiIxNjM2OTE0MTU5MDc0In0seyJ0eXBlIjoiZ2EiLCJpZCI6IjEzNjU3NDU3MyIsInJlZlRpbWUiOiIxNjM2OTE0MTU5MDgyIn1dLCJtZzJEYXRhIjp7InZlcnNpb24iOiJWZXJzaW9uOiAyLjcuMiIsImVudmlyb25tZW50IjoicHJvZCIsImF1dGhTeXN0ZW0iOiJNRzIiLCJjYW1wYWlnbk5hbWUiOiJHYXpldHRlIERlZmF1bHQiLCJzdWJzY3JpcHRpb25zIjpbXSwiY2FtcGFpZ25JZCI6IjEwMDAyOSJ9LCJ1c2VyRGF0YSI6eyJtZzJEYXRhIjp7Ik93bmVkU3Vic2NyaXB0aW9ucyI6W10sIkF1dGhTeXN0ZW0iOiJNRzIiLCJ
EaWdpdGFsQWNjZXNzIjp7IkFjY2Vzc0xldmVsIjp7fX0sIklnbVJlZ0lEIjpudWxsLCJFbWFpbCI6IiIsIk56d0xpZCI6bnVsbCwiTWFzdGVySWQiOm51bGwsIkRpc3BsYXlOYW1lIjoiIn19LCJhdWRpZW5jZSI6W3sicHJvdmlkZXIiOiJ1c2VyREIiLCJzZWdtZW50cyI6WyJNQVRIRVJfVTJJX0ZJUlNUVElNRV8yMDIwMTEwMSIsIk1BVEhFUl9VMklfTUVURVIzXzIwMjAxMTAxIl0sInBhZ2VJZCI6Ijk0ZjZmYmI0LTAxYTEtNDUzNi1iM2Y3LTdkMWI5N2VkOWE5MCJ9LHsicHJvdmlkZXIiOiJpU2VncyIsInNlZ21lbnRzIjpbIk1BVEhFUl9VMklfRklSU1RUSU1FXzIwMjAxMTAxIiwiTUFUSEVSX1UySV9NRVRFUjNfMjAyMDExMDEiXSwicGFnZUlkIjoiOTRmNmZiYjQtMDFhMS00NTM2LWIzZjctN2QxYjk3ZWQ5YTkwIn1dfQ
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.91.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-91-69.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
collect
www.google-analytics.com/
35 B
96 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1650202400&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ul=en-us&de=UTF-8&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=ActionShown&el=%7B%22ConversationName%22%3A%22Monthly%20Metered%22%2C%22MeterLevel%22%3A%22Metered%22%2C%22ActionName%22%3A%22Paywall%20Modal%20-%20meter%20view%201%22%2C%22ActionType%22%3A%22Modal%22%7D&_u=aCjACUABBAQCAG~&jid=&gjid=&cid=136574573.1636914153&tid=UA-37551682-2&_gid=873651966.1636914153&gtm=2wgba1MSKGD4T&cd1=1636914159112.vzx0stcb&cd2=26995d07a43c7e5c94d65d1c577b088a&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd8=Monthly%20Metered&cd9=1&cd10=1&cd11=2&cd12=2021-11-14T18%3A22%3A38Z&cd13=2021-12-14T18%3A22%3A38Z&cd14=Paywall%20Modal%20-%20meter%20view%201&cd15=Modal&cd16=article&cd17=1636914159112.0.48hljia1ruy&cd18=Not%20Set&cd20=1.2.0.0&cd7=Metered&cd19=Default&z=1019087150
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 13:17:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18325
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 21C2
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4b4d0b3a-69f2-4c77-b337-6a9132b86856
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 21C2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent=&us_privacy=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=418307b3-2efe-4ae7-aa7c-feaa2462db53&ssp=gumgum2&gdpr=0&gdpr_consent=
43 B
106 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=418307b3-2efe-4ae7-aa7c-feaa2462db53&ssp=gumgum2&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=418307b3-2efe-4ae7-aa7c-feaa2462db53&ssp=gumgum2&gdpr=0&gdpr_consent=
Date
Sun, 14 Nov 2021 18:22:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
rtb.gumgum.com/ Frame 21C2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-4000ba14-f1f1-446b-6da7-87489a8c618a$ip$194.36.110.165
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-4000ba14-f1f1-446b-6da7-87489a8c618a$ip$194.36.110.165
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-4000ba14-f1f1-446b-6da7-87489a8c618a$ip$194.36.110.165
Date
Sun, 14 Nov 2021 18:22:39 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 21C2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 21C2
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ea76274b-c6da-485c-adec-d489e345a118-003&rndcb=6509807925
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=418307b3-2efe-4ae7-aa7c-feaa2462db53&google_hm=NDE4MzA3YjMtMmVmZS00YWU3LWFhN2MtZmVhYTI0NjJk...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBqM3galH6JIIL4SZBK-I4M&google_cver=1&ssp=adconductor&bsw_param=418307b3-2efe-4ae7-aa7c-feaa2462db53
  • https://sync.1rx.io/usersync/bidswitch/418307b3-2efe-4ae7-aa7c-feaa2462db53?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-ea76274b-c6da-485c-adec-d489e345a118-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-ea76274b-c6da-485c-adec-d489e345a118-003
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-ea76274b-c6da-485c-adec-d489e345a118-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-ea76274b-c6da-485c-adec-d489e345a118-003
date
Sun, 14 Nov 2021 18:22:39 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXea76274bc6da485cadecd489e345a118003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 21C2
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=QO6f9yNTrMer&ev=1&pid=558355
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=QO6f9yNTrMer&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-GB
location
https://rtb.gumgum.com/usersync?b=pln&i=QO6f9yNTrMer&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-544c4f9c45-qtfrt
expires
-1
cookie-sync
sync.outbrain.com/ Frame 21C2
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Kk04-Kohn4l8FKaBQWg0bgpBWsEbBZS_8TmN885QF0XekW3hvkGTbddC2Y5LSZU_%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_aa746db0-a187-4024-b7cf-8d4241c65786&obuid=ENC(Kk04-Kohn4l8FKaBQWg0bgpBWsEbBZS_8TmN885QF0XekW3hvkGTbddC2Y5LSZU_)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7056585800145824787&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ
0
291 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7056585800145824787&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:40 GMT
Cache-Control
no-cache
X-TraceId
d664ca25e83eb94a67f18dcca2e7873a
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4869e417-d19e-45ef-8980-911aa4eb7e2d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7056585800145824787&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 21C2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=5386cffd-d841-4df1-b34f-b04021e83e45
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=5386cffd-d841-4df1-b34f-b04021e83e45
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=5386cffd-d841-4df1-b34f-b04021e83e45
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 21C2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-zUq_uyVE2pcMhrVY4ZU1X0PuHGWuB57EptRH~A
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-zUq_uyVE2pcMhrVY4ZU1X0PuHGWuB57EptRH~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sun, 14 Nov 2021 18:22:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-zUq_uyVE2pcMhrVY4ZU1X0PuHGWuB57EptRH~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 21C2
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=d996b4e1-4577-11ec-9d14-fb2c7a265914
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=d996b4e1-4577-11ec-9d14-fb2c7a265914
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=d996b4e1-4577-11ec-9d14-fb2c7a265914
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
d996b4e2-4577-11ec-9d14-fb2c7a265914
services
sync.technoratimedia.com/ Frame 21C2
0
292 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
700710217
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 21C2
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-length
0
server
c
usersync
rtb.gumgum.com/ Frame 21C2
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
date
Sun, 14 Nov 2021 18:22:39 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame 21C2
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
content-length
0
merge
ce.lijit.com/ Frame 21C2
0
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=36&3pid=e_aa746db0-a187-4024-b7cf-8d4241c65786
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT
merge
ce.lijit.com/ Frame 2B40
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=76&3pid=c855b54d-1ae0-4faa-9388-160b91090051&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
/
csync.loopme.me/ Frame 2B40
0
131 B
Image
General
Full URL
https://csync.loopme.me/?partner_id=1285&vt=411a47dd-5684-4122-893f-abdd591fa731&gdpr=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.6.211 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.211.6.55.162.clients.your-server.de
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
server
_
RX-ea76274b-c6da-485c-adec-d489e345a118-003
sync.targeting.unrulymedia.com/csync/ Frame 2B40
Redirect Chain
  • https://sync.1rx.io/usersync/openx/378d7bef-8be1-47cc-84d9-f9454f00737f
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003
43 B
395 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003
pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
sd
us-u.openx.net/w/1.0/ Frame 2B40
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455419450933626
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455419450933626
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=5134455419450933626
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
m
ad.yieldlab.net/ Frame 2B40
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=7a314129-4014-4857-bd4a-aafa9d87c263&r=https://ad.yieldlab.net/m?dt_id=2448064&ext_id=
  • https://ad.yieldlab.net/m?dt_id=2448064&ext_id=6e449cc7-a0c9-4ca2-a4a3-81ab16d63e37
0
360 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=6e449cc7-a0c9-4ca2-a4a3-81ab16d63e37
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-218-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Sat, 13 Nov 2021 18:22:39 GMT

Redirect headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ad.yieldlab.net/m?dt_id=2448064&ext_id=6e449cc7-a0c9-4ca2-a4a3-81ab16d63e37
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
sync
pixel.advertising.com/ups/58294/ Frame 2B40
Redirect Chain
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&gdpr=1&uid=8a7fe804-283e-4fee-8713-61a77e1bcb6a
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&gdpr=1&uid=8a7fe804-283e-4fee-8713-61a77e1bcb6a&verify=true
0
124 B
Image
General
Full URL
https://pixel.advertising.com/ups/58294/sync?_origin=1&gdpr=1&uid=8a7fe804-283e-4fee-8713-61a77e1bcb6a&verify=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Server
18.159.140.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-140-98.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/58294/sync?_origin=1&gdpr=1&uid=8a7fe804-283e-4fee-8713-61a77e1bcb6a&verify=true
date
Sun, 14 Nov 2021 18:22:39 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame 2B40
0
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=76&3pid=c855b54d-1ae0-4faa-9388-160b91090051
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 007F
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b69b30af-9a05-4b50-a1be-3138e967ae76
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 007F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent=&us_privacy=
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=418307b3-2efe-4ae7-aa7c-feaa2462db53
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=418307b3-2efe-4ae7-aa7c-feaa2462db53
  • https://rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
Date
Sun, 14 Nov 2021 18:22:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
rtb.gumgum.com/ Frame 007F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-c9b027b7-1dfa-4a01-7e9f-634551431494$ip$194.36.110.165
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-c9b027b7-1dfa-4a01-7e9f-634551431494$ip$194.36.110.165
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-c9b027b7-1dfa-4a01-7e9f-634551431494$ip$194.36.110.165
Date
Sun, 14 Nov 2021 18:22:39 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 007F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
RX-ea76274b-c6da-485c-adec-d489e345a118-003
sync.targeting.unrulymedia.com/csync/ Frame 007F
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-ea76274b-c6da-485c-adec-d489e345a118-003&rndcb=5868319115
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=418307b3-2efe-4ae7-aa7c-feaa2462db53
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=418307b3-2efe-4ae7-aa7c-feaa2462db53
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=312e0849-472b-4244-874d-2908fbb118e4&user_group=1&ssp=adconductor&bsw_param=418307b3-2efe-4ae7-aa7c-feaa2462db53
  • https://sync.1rx.io/usersync/bidswitch/418307b3-2efe-4ae7-aa7c-feaa2462db53?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003
43 B
395 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003
pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
usersync
rtb.gumgum.com/ Frame 007F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=cOCI2k7mCcFM&ev=1&pid=558355
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=cOCI2k7mCcFM&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-GB
location
https://rtb.gumgum.com/usersync?b=pln&i=cOCI2k7mCcFM&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-544c4f9c45-qtfrt
expires
-1
cookie-sync
sync.outbrain.com/ Frame 007F
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_aa746db0-a187-4024-b7cf-8d4241c65786&obuid=ENC(x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3Dx6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2i...
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3Dx6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2i...
  • https://sync.outbrain.com/cookie-sync?p=spotx&uid=da422b3c-4577-11ec-a9a5-132476d60106&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ
0
308 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=spotx&uid=da422b3c-4577-11ec-a9a5-132476d60106&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:40 GMT
Cache-Control
no-cache
X-TraceId
9a60833931a848aea0e5684b761dfd2e
Content-Length
0

Redirect headers

Date
Sun, 14 Nov 2021 18:22:40 GMT
Server
nginx
Location
https://sync.outbrain.com/cookie-sync?p=spotx&uid=da422b3c-4577-11ec-a9a5-132476d60106&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
2
Connection
keep-alive
Content-Length
0
usersync
rtb.gumgum.com/ Frame 007F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=5386cffd-d841-4df1-b34f-b04021e83e45
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=5386cffd-d841-4df1-b34f-b04021e83e45
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=5386cffd-d841-4df1-b34f-b04021e83e45
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 007F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-zUq_uyVE2pcMhrVY4ZU1X0PuHGWuB57EptRH~A
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-zUq_uyVE2pcMhrVY4ZU1X0PuHGWuB57EptRH~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sun, 14 Nov 2021 18:22:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-zUq_uyVE2pcMhrVY4ZU1X0PuHGWuB57EptRH~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 007F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=d997032c-4577-11ec-8d37-f550d1b46541
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=d997032c-4577-11ec-8d37-f550d1b46541
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=d997032c-4577-11ec-8d37-f550d1b46541
Date
Sun, 14 Nov 2021 18:22:38 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
d997032d-4577-11ec-8d37-f550d1b46541
services
sync.technoratimedia.com/ Frame 007F
0
293 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
803944388
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 007F
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-length
0
server
c
usersync
rtb.gumgum.com/ Frame 007F
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
date
Sun, 14 Nov 2021 18:22:39 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame 007F
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:38 GMT
content-length
0
merge
ce.lijit.com/ Frame 007F
0
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=36&3pid=e_aa746db0-a187-4024-b7cf-8d4241c65786
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 1F05
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVZKF9I1-1C-9I5B&sigv=1&esig=2~0c7b9d8d1243e866112d46bc1eab8b2b5b53ef6b
0
446 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVZKF9I1-1C-9I5B&sigv=1&esig=2~0c7b9d8d1243e866112d46bc1eab8b2b5b53ef6b
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVZKF9I1-1C-9I5B&sigv=1&esig=2~0c7b9d8d1243e866112d46bc1eab8b2b5b53ef6b
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1F05
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZaS0Y5STEtMUMtOUk1Qg==
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZaS0Y5STEtMUMtOUk1Qg==
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZaS0Y5STEtMUMtOUk1Qg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1F05
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZFT7gAAAJTV7ABG
0
0

rubicon
match.adsrvr.org/track/cmf/ Frame 1F05
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 1F05
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/bzCbg6QQ-gnInM-LCX4AL8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7525045425150366387
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7525045425150366387
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

date
Sun, 14 Nov 2021 18:22:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7525045425150366387
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 1F05
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC9WxsPkQtMt_RrNTzhArqI&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC9WxsPkQtMt_RrNTzhArqI&google_cver=1
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC9WxsPkQtMt_RrNTzhArqI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 1F05
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1e066191-53ea-4000-9f9b-18f43ac809c2&expires=28
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1e066191-53ea-4000-9f9b-18f43ac809c2&expires=28
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif

Redirect headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
MT3 4103 f8fad19 master zrh-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=1e066191-53ea-4000-9f9b-18f43ac809c2&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 14 Nov 2021 18:22:38 GMT
pixel
cm.g.doubleclick.net/ Frame 1F05
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzE2NDBkNDYxYzQyZjcxNGQ1NDk0MDI3MjEwNzk3ODM0NDc3ZWJlNQ
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzE2NDBkNDYxYzQyZjcxNGQ1NDk0MDI3MjEwNzk3ODM0NDc3ZWJlNQ
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzE2NDBkNDYxYzQyZjcxNGQ1NDk0MDI3MjEwNzk3ODM0NDc3ZWJlNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame 51B3
0
733 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3695&pub_id=1570890&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3695&pub_id=1570890
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a87feacc-4f1e-4a81-a650-d16ffd4a8dd2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 52D9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZFT7mekqH4Urk7gkrt5pgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKfYA6z3WsLzOGC5VEcC-LE&google_cver=1&gdpr=1
43 B
999 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKfYA6z3WsLzOGC5VEcC-LE&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 14 Nov 2021 18:22:39 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKfYA6z3WsLzOGC5VEcC-LE&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 52D9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEBXZY455P4zG2TNXCEiRHU&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEBXZY455P4zG2TNXCEiRHU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 14 Nov 2021 18:22:39 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEBXZY455P4zG2TNXCEiRHU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 52D9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
W1B01BSY81J7SR5T04PD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
F2CH5C3KV8A7S5R2JWNT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 52D9
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
x.bidswitch.net/ Frame 52D9
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.121.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-121-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 52D9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3390519196593366163
43 B
1006 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3390519196593366163
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 14 Nov 2021 18:22:39 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3390519196593366163
pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ix
ad4m.at/ad/sim/ Frame 52D9
0
0
Image
General
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 52D9
85 B
236 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1636914159.318647,VS0,VE78
x-served-by
cache-lcy19275-LCY
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 52D9
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YZFT7mekqH4Urk7gkrt5pgAA%26658
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1995
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 14 Nov 2021 18:55:54 GMT
crum
dsum-sec.casalemedia.com/ Frame A48D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZFT7mekqH4Urk7gkrt5pgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKfYA6z3WsLzOGC5VEcC-LE&google_cver=1&gdpr=1
43 B
999 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKfYA6z3WsLzOGC5VEcC-LE&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 14 Nov 2021 18:22:39 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKfYA6z3WsLzOGC5VEcC-LE&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame A48D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEBXZY455P4zG2TNXCEiRHU&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEBXZY455P4zG2TNXCEiRHU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 14 Nov 2021 18:22:39 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEBXZY455P4zG2TNXCEiRHU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A48D
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame A48D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
W3YCZX6A3405CXRX37TY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5K7E999AVJ0T4EERT54N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
index
dmp.brand-display.com/cm/api/ Frame A48D
0
0
Image
General
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

match
c1.adform.net/serving/cookie/ Frame A48D
0
330 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame A48D
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d5a5e59c-ea36-495b-96f6-39df4e9f02ab
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d5a5e59c-ea36-495b-96f6-39df4e9f02ab
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 14 Nov 2021 18:22:39 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-d5a5e59c-ea36-495b-96f6-39df4e9f02ab
date
Sun, 14 Nov 2021 18:22:39 GMT
server
Apache-Coyote/1.1
content-length
0
YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A48D
43 B
88 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame A48D
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YZFT7mekqH4Urk7gkrt5pgAA%26658
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1995
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 14 Nov 2021 18:55:54 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F81D
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=83362
expires
Mon, 15 Nov 2021 17:32:01 GMT
date
Sun, 14 Nov 2021 18:22:39 GMT
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame AD57
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506159
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506159
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506159
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame 5EFE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Nov 2021 18:22:39 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=gumgum
Date
Sun, 14 Nov 2021 18:22:39 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usersync
rtb.gumgum.com/ Frame 8E9F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4103 f8fad19 master zrh-pixel-x25 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Expires
Sun, 14 Nov 2021 18:22:38 GMT
usersync
rtb.gumgum.com/ Frame D0F2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=atm&i=YZFT7gAAAJTV7ABG&gdpr=0&gdpr_consent=
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YZFT7gAAAJTV7ABG&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YZFT7gAAAJTV7ABG&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 varnish
x-served-by
cache-lcy19275-LCY
x-cache
HIT
x-cache-hits
0
x-timer
S1636914159.230566,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame A0FC
170 B
232 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYTc0NmRiMC1hMTg3LTQwMjQtYjdjZi04ZDQyNDFjNjU3ODY=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Sun, 14 Nov 2021 18:22:39 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
clear
/
ssc-cms.33across.com/ps/ Frame 1578
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.173 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip173.208-100-17.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Sun, 14 Nov 2021 18:22:38 GMT
um
cs.emxdgt.com/ Frame D026
0
0
Document
General
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Sun, 14 Nov 2021 18:22:39 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 717C
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YZFT78Co8XkAADmQBlYAAAAA
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YZFT78Co8XkAADmQBlYAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Sun, 14 Nov 2021 18:22:39 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YZFT78Co8XkAADmQBlYAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
4
X-SO-HostName
a-ad40313.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng21.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":45,"gdpr":true,"ipv4":"0.0.0.0","key":"YZFT78Co8XkAADmQBlYAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40313"}
X-SO-Key
YZFT78Co8XkAADmQBlYAAAAA
X-SO-IP
194.36.110.165
X-SO-Cluster-ID
45
X-SO-Upstream-ID
a-ad40313
usersync
rtb.gumgum.com/ Frame 68DE
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=5134455419450933626
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=5134455419450933626
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://rtb.gumgum.com/usersync?b=zet&i=5134455419450933626
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 8FA2
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sun, 14 Nov 2021 18:22:39 GMT Sun, 14 Nov 2021 18:22:39 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DC7A
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=83362
expires
Mon, 15 Nov 2021 17:32:01 GMT
date
Sun, 14 Nov 2021 18:22:39 GMT
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 9B7D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506159
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506159
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506159
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame 662D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Nov 2021 18:22:39 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=gumgum
Date
Sun, 14 Nov 2021 18:22:39 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usersync
rtb.gumgum.com/ Frame A847
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4103 f8fad19 master zrh-pixel-x10 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Expires
Sun, 14 Nov 2021 18:22:38 GMT
usersync
rtb.gumgum.com/ Frame 1196
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=atm&i=YZFT7gAAAJTV7ABG&gdpr=0&gdpr_consent=
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YZFT7gAAAJTV7ABG&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YZFT7gAAAJTV7ABG&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 varnish
x-served-by
cache-lcy19275-LCY
x-cache
HIT
x-cache-hits
0
x-timer
S1636914159.267151,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7406
170 B
232 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYTc0NmRiMC1hMTg3LTQwMjQtYjdjZi04ZDQyNDFjNjU3ODY=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Sun, 14 Nov 2021 18:22:39 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
clear
/
ssc-cms.33across.com/ps/ Frame 2FA3
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.173 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip173.208-100-17.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Sun, 14 Nov 2021 18:22:39 GMT
um
cs.emxdgt.com/ Frame 3009
0
0
Document
General
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Sun, 14 Nov 2021 18:22:39 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 1D23
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YZFT78Co8YMAAI9LBs4AAAAA
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YZFT78Co8YMAAI9LBs4AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Sun, 14 Nov 2021 18:22:39 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YZFT78Co8YMAAI9LBs4AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
1
X-SO-HostName
m-ad285.dc4p.scaleout.jp
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":29,"gdpr":true,"ipv4":"0.0.0.0","key":"YZFT78Co8YMAAI9LBs4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad285"}
X-SO-Key
YZFT78Co8YMAAI9LBs4AAAAA
X-SO-IP
194.36.110.165
X-SO-Cluster-ID
29
X-SO-Upstream-ID
m-ad285
usersync
rtb.gumgum.com/ Frame 2315
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=5134455419450933626
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=5134455419450933626
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://rtb.gumgum.com/usersync?b=zet&i=5134455419450933626
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame F657
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sun, 14 Nov 2021 18:22:39 GMT Sun, 14 Nov 2021 18:22:39 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
eligible
events.bouncex.net/track.gif/
42 B
108 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwDYDMAyBB7CAnAYwFMlQEMIBHJARgwOAFsAHYGAc1hFoAYAWAJwB2AKwAmDMHZEocJACtyjbCBI8MAdyIAjBPCIxuaFDXUA3GHriHa6FAJp8aItAA5nroUIyqLxG3xiJkICAiLufII0KHwo6Bis0hZEGjZ0CESUEDL+RvQANjAycNaMRAhwTMy2xg5OIgJoIuoEhcXAzDBmRHh62FBIleyYvjDESCAJUkRgcACezCTAeNatREA
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
81
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/
42 B
108 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwHYBkCD2EBOBjAUyVATQgEckBGNPYAWwAdgYBzWEagBgBYBOFAFYeaYKwJQ4SAFal6mEES5oA7gQBGCeARicAzADYqygG4wtcXdQOG+VHlUF6AHI+cp0is4Ss8ATEYofHyCrjz8VAY8BjZozOJmBCpWNAgE5BASPpwieAA2MBJwlvQECHAMjNa29o58ek60BUXAjDAmBDhamFBIFax6aF4whEggcWIEYHAAnoxEwDiW+QRAA
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:38 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
83
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/
42 B
108 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwEYDsBSATAYQGwCsAZAgPYQBOAxgKZKgJEQCOqRVwAtgA7AwDmsEKgAMAFgCcaAgA4iwfjShwkAK0adSIOiKIB3GgCME8GjGEBmPCl0A3GCbjnUeKxJRiUBCzK8y0aETa9rTOYljWaBISsh6SKHhieK5EvIr2NHrOKCQ0zBBKocLEVAA2MEpwTpw0CHBc3C5uHl4SFgQl5ZXA3DC2NBQmpFBI9fwWQTQhdCCpCjRgcACe3HTAFE5lNEA
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
84
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
ad_page
ssp.behave.com/
20 B
324 B
XHR
General
Full URL
https://ssp.behave.com/ad_page
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e7916e26498bf49c4bfc2a1b8351b43cbe67a2965d3fb0046eb438cd7d139a21

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://gazette.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
cygnus
as-sec.casalemedia.com/
41 B
585 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1636914159556&s=416154&r=%7B%22id%22%3A%221636914159%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A600%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html%3Fdevice%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3610%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223610%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
62e8c92b04062ea7a25a8cf8f2ca6a03b27a1cfb6b7b48d3480d17252fa1eca7

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[GB], RC:[EN], CN:[EU], CIP:[194.36.110.165], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://gazette.com
X-CS-CLIENT-GEO
27
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
61
X-AK-CLIENT-GEO
27
Expires
Sun, 14 Nov 2021 18:22:39 GMT
cygnus
as-sec.casalemedia.com/
41 B
585 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1636914159557&s=416154&r=%7B%22id%22%3A%221636914159%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222%22%2C%22banner%22%3A%7B%22w%22%3A1920%2C%22h%22%3A480%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html%3Fdevice%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3610%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223610%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
62e8c92b04062ea7a25a8cf8f2ca6a03b27a1cfb6b7b48d3480d17252fa1eca7

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[GB], RC:[EN], CN:[EU], CIP:[194.36.110.165], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://gazette.com
X-CS-CLIENT-GEO
27
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
61
X-AK-CLIENT-GEO
27
Expires
Sun, 14 Nov 2021 18:22:39 GMT
cygnus
as-sec.casalemedia.com/
41 B
585 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1636914159557&s=416154&r=%7B%22id%22%3A%221636914159%22%2C%22imp%22%3A%5B%7B%22id%22%3A%223%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A550%7D%7D%2C%7B%22id%22%3A%224%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A600%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html%3Fdevice%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3610%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223610%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
62e8c92b04062ea7a25a8cf8f2ca6a03b27a1cfb6b7b48d3480d17252fa1eca7

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[GB], RC:[EN], CN:[EU], CIP:[194.36.110.165], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://gazette.com
X-CS-CLIENT-GEO
27
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
61
X-AK-CLIENT-GEO
27
Expires
Sun, 14 Nov 2021 18:22:39 GMT
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 4FCD
4 KB
4 KB
Document
General
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?
Requested by
Host: us.ads.justpremium.com
URL: https://us.ads.justpremium.com/adserve/js.php?zone=116363
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.78.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-78-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e1fcaa03051c4e37410cfc850f1299da211bb28d88eca77d1f006a6a27eb2979

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
text/html; charset=utf-8
cache-control
public, no-cache, no-store, must-revalidate
/
us.ads.justpremium.com/adserve/client/
11 KB
2 KB
XHR
General
Full URL
https://us.ads.justpremium.com/adserve/client/?zone=116363&debug=1&ru=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&sw=1600&sh=1200&ww=1600&wh=1200&ui=r-00190529-747a-4e7c-a2d2-2f6b2fefe8c6-38875-11071295&tt=1636914159574&rid=r-9eccc678-1f2e-413a-9d06-ac3ac7e7ea74-38875-11016125&eu=1&cs=undefined
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.78.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-78-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
64b4a949dc15705700b17db5dfa4893a9076cbc2ed5e0363b35ea2e21668c8d9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:39 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
async_usersync
ib.adnxs.com/ Frame B162
0
733 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
045c6698-9488-40bb-b5f8-36f6afa6d717
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 5EFE
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5801a0be03a825391230a9dfebbadcb6b9cec07dd3ba51e38d5a180172c8fd6a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48496
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Mon, 15 Nov 2021 07:50:55 GMT
usync.js
eus.rubiconproject.com/ Frame 662D
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5801a0be03a825391230a9dfebbadcb6b9cec07dd3ba51e38d5a180172c8fd6a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48496
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Mon, 15 Nov 2021 07:50:55 GMT
async_usersync
ib.adnxs.com/ Frame 35F5
0
733 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
4b928dc7-23d8-471c-a9dd-47fc209e15bb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4F0
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRGJK7VORYdWsKLGF2fcP24iXsAgAAAAAOAHgBAI&bg=!rK-lr-vNAAZQLpa_UC47ACkAdvg8Wp6lp3mPE-tFgbPqLljHWFvgaF1NGBGfEkLji-q5bUAI1PTRYgIAAASGUgAAADtoAQcKALMWHViAZLPrq7s_STNOemef_DYGZi89CDihTSpb0gWoYkPf1lIHaGtP4a7Sk8s1AC0ojaDSVU-5mmYf1hmB90tuSaPifvlTEjwMlKb6rdrlYbjp_u_egTRCPUhiUszmtinr4-cKi6f8ZkVBCvxJuH_rHEDwIvnHzkPxJJ-1-cDGKaUhBH9_v7WzdYGGuWI4QPoGy08SrDuBTu49njo9ZYoHg8eetoXarWBt9rK7KQoEGZsbfJkCv43L0ZtanCqcmbFbPtFjJfs-7mmNqWsURH0lA9jmQXIlG-vnCCWlx14ClDb6H7eIzTcZWzCv-Nsz86YAK73Nfl21KeDMykCJhbxMBQ-UXmVy6G_2Qk8hcaqzsN8trW8lA7lSA7Nmuil19f_pq_8aR51XRGmTk1y2CNVA5BnYozUDMQHOTn8ufFCYnhQGj1v8tv5uFnOep45PSGt16Ma7AEU-Karw5xbM9FRwcwIIXNEhJGGv_4UYTGImJryvJE-XA8iwFpFz2OWCwAu3fnBAXCLz37NUDTuyjgDEpEDMWal97CoSEacPGJQKC3TH7aZdwPdndubELoumNgrbbcdFmf8_9i0lZ9dsEhGx8AG-mzoq6fiyFkiJXP-iAYDuZbRqjbi3aRCVpe4MvOODoRtxBdcPEkfqI8ER1dhsS0K_-Ym6sSuCbmamElGQeUIlXgUBJiDFk3M3pRDA1M7qgv-6-i6O2BQL4US_4VsjLdBgTxRCb2N8fKe_ulyzT6-tetmYcabNzpUgkKsN7oPdcm7U1pWiXw_YHAoK2EDYH5KGrofXCEz9lZ5E-h4xEhpgxvwKTCQRyACd15RjJbn7CnVFt7kT0lSUTGJrD6tDFjlK4nYLkslhTNXcDxOIUMIWZuN-G_Y865uWJ9JurYOy7urt5f7egs6Bwoy1SbINa5vMrjVdgREFwYPoJ8Lpmf-6z_CK1_lColcWxO6WH9AIAXWZzAOqrMm0Dhmx4GBNwCcymsVstHXY6Oa3X94Gr_MU2RcSj6d1E_mb882YvWawmz6nyLsv8ilkrDHsHxxxa8IHYEWR3DHcp9DSjVoyFuLa3Qj7VPsbqSHKalT_e3l-kTFg_Rch_VqPOQgvxTMiT2zHGyiksh3BpzQhxnmc7LlnG_dH_7rMNd9D-Sq190KhsdR3Xm54yCZ8PeWZ15de1jkGs_k
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 5EFE
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
web-vitals.umd.js
unpkg.com/web-vitals@2.1.2/dist/
Redirect Chain
  • https://unpkg.com/web-vitals
  • https://unpkg.com/web-vitals@2.1.2
  • https://unpkg.com/web-vitals@2.1.2/dist/web-vitals.umd.js
4 KB
2 KB
Script
General
Full URL
https://unpkg.com/web-vitals@2.1.2/dist/web-vitals.umd.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bf988171c1dfaca42ca163d70cf950ff080414b37c7ff592272f759f1b224f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
2921879
fly-request-id
01FHRRF36XAY8Y0D18AJHDD246
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"11ec-Af9pZ9JTRvMjTOZyqJZeqd0k1CM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6ae2443f794359b9-MXP

Redirect headers

date
Sun, 14 Nov 2021 18:22:40 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FHRRF33NN9QHJV1FHD6QVCRP
server
cloudflare
age
2921879
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/web-vitals@2.1.2/dist/web-vitals.umd.js
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6ae2443e7e4e59b9-MXP
access-control-allow-origin
*
tracking.gif
tracking.justpremium.com/ Frame E1B7
43 B
332 B
Image
General
Full URL
https://tracking.justpremium.com/tracking.gif?rid=r-9eccc678-1f2e-413a-9d06-ac3ac7e7ea74-38875-11016125&sid=r-fadd7588-cbd6-42ca-a259-28bd505a03d5-33971-164567728&uid=&vr=v2.45.427&ru=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tt=1636914159669&siw=1360&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.1&vn=canary-eu-central-1&sd=&_c=ajwjlh1636914159669&et=&aid=437812,437812,437812,437812,437814,437814,437814,437814,437814,437814,437818,437818,437818,437818,437817,437817,437817,437817,437817,437817,437808,437808,437808,437808,437808,437808,437816,437816,437816,437816,437816&said=1169037,1169038,1169039,1169040,1169045,1169046,1169047,1169048,1193258,1199839,1169062,1169063,1169064,1169065,1169057,1169058,1169059,1169060,1169061,1197385,1169021,1169022,1169023,1169024,1197495,1199841,1169053,1169054,1169055,1169056,1199840&ei=543886483%2C22439929%2C20978873%2C430426%2C543886481%2C22439931%2C20978871%2C430433%2C1193258%2C21711633394%2F116363%2F116363-as%2C543886482%2C22439935%2C20978872%2C430429%2C543886485%2C292925%2C22439934%2C20978875%2C430438%2C1197385%2C543886494%2C22439925%2C20978885%2C430430%2C1197495%2C21711633394%2F116363%2F116363-sa%2C543886484%2C22439933%2C20978874%2C430434%2C21711633394%2F116363%2F116363-fa&fc=cf,cf,cf,cf,as,as,as,as,as,as,ca,ca,ca,ca,fv,fv,fv,fv,fv,fv,sa,sa,sa,sa,sa,sa,fa,fa,fa,fa,fa&sp=22,1,32,39,22,1,32,39,42,13,22,1,32,39,22,24,1,32,39,42,22,1,32,39,42,13,22,1,32,39,13&at=adserver&cid=&ist=0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=116363&dr=95&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22cls%22%3A%220.000%22%2C%22ph%22%3A7446%7D&ty=ex
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.66.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-66-229.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Last-Modified
Wed, 23 Jun 2021 07:56:00 GMT
Server
nginx
ETag
"60d2e910-2b"
Content-Type
image/gif
Cache-Control
public, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
/
pre.ads.justpremium.com/v/1.0/t/singletag/
2 B
211 B
XHR
General
Full URL
https://pre.ads.justpremium.com/v/1.0/t/singletag/?i=1636914159670
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.78.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-78-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gazette.com
date
Sun, 14 Nov 2021 18:22:39 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
bid_none
events.bouncex.net/track.gif/
42 B
105 B
Image
General
Full URL
https://events.bouncex.net/track.gif/bid_none?wklz=A4QwTgLgdgpmC8AjAzgdwGSkrMB9ZAlhDLgQCbwCMlAbAOzpgwCOArjMhLhAQLYcQQvYFRoBmGgE5KAFkoBWSfPkz0yAPaswAYxjwQZZOm1DQBAOZRyVAAwzJdeQCZ0IczCgR4AKyO91ZHo26KgwKEQw1hKUwQBuBIQ8FLQS0nLyYgAcCpl0DIHxutYyTjSUdJJK2TL2tDI04phuMPEwqNaUaizsUEUUNMYANgQeEDz8nKaiqbIKkjSZqtrDoyDABLFwhOpQ8ILmYugFBLrwZE3u3ACewHrgPMswQA
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
83
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
tracking.gif
tracking.justpremium.com/ Frame E1B7
43 B
332 B
Image
General
Full URL
https://tracking.justpremium.com/tracking.gif?rid=r-9eccc678-1f2e-413a-9d06-ac3ac7e7ea74-38875-11016125&sid=r-fadd7588-cbd6-42ca-a259-28bd505a03d5-33971-164567728&uid=&vr=v2.45.427&ru=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tt=1636914159730&siw=1360&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.1&vn=canary-eu-central-1&sd=&_c=ax5aq5l1636914159730&et=&aid=437812,437812,437812,437812,437814,437814,437814,437814,437814,437818,437818,437818,437818,437817,437817,437817,437817,437817,437817,437808,437808,437808,437808,437808,437816,437816,437816,437816&said=1169037,1169038,1169039,1169040,1169045,1169046,1169047,1169048,1193258,1169062,1169063,1169064,1169065,1169057,1169058,1169059,1169060,1169061,1197385,1169021,1169022,1169023,1169024,1197495,1169053,1169054,1169055,1169056&ei=543886483%2C22439929%2C20978873%2C430426%2C543886481%2C22439931%2C20978871%2C430433%2C1193258%2C543886482%2C22439935%2C20978872%2C430429%2C543886485%2C292925%2C22439934%2C20978875%2C430438%2C1197385%2C543886494%2C22439925%2C20978885%2C430430%2C1197495%2C543886484%2C22439933%2C20978874%2C430434&fc=cf,cf,cf,cf,as,as,as,as,as,ca,ca,ca,ca,fv,fv,fv,fv,fv,fv,sa,sa,sa,sa,sa,fa,fa,fa,fa&sp=22,1,32,39,22,1,32,39,42,22,1,32,39,22,24,1,32,39,42,22,1,32,39,42,22,1,32,39&at=adserver&cid=&ist=0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0&mg=&dl=&dlt=&ev=&vt=&zid=116363&dr=156&di=&pr=&cw=&ch=&nt=&st=&jp=%7B%22ph%22%3A7446%7D&ty=adr
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.66.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-66-229.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Last-Modified
Wed, 23 Jun 2021 07:56:00 GMT
Server
nginx
ETag
"60d2e910-2b"
Content-Type
image/gif
Cache-Control
public, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
bid_none
events.bouncex.net/track.gif/
42 B
105 B
Image
General
Full URL
https://events.bouncex.net/track.gif/bid_none?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAFgEYA2GgViszBgEcBXGQifCRAFseEEIODx6AZjoBOGrUazGjAOyZCAe05gAxjHggUhTLrGhEAcygVJABiqzVzTCEswoEeACsTgzWjwdpgA7jAARsSktjI0wQBuiFG20nIKTFIAHEyZqupoifq2VABMDKqyytlUjvRUdHRS2G4wiTAhKRoc3FBFlOq6ADaIHhACwrzmko1pik5SJabDoyDAiPFwxJpQ8KKWTQWI+vAoze78AJ7ABuACQzBAA
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
83
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_none
events.bouncex.net/track.gif/
42 B
105 B
Image
General
Full URL
https://events.bouncex.net/track.gif/bid_none?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAFgEYA2GgViszBgEcBXGQifCRAFseEEIODx6AZjoBOGrUazGjOpkIB7TmADGMeCBSFMOsaEQBzKBUkAGKrIDsjAEyYQFmFAjwAVscENNHhbTAB3GAAjYlIbGRpQgDdEGJtpOQUmKQAOJmzHR0w0ZL0bKhcGR1llXKoHeio6OilsDxhkmDC09Q5uKFLKbJMAG0QvCAFhXjNJZozFJyoWnVHxkGBERLhiDSh4UQsW4sQ9eBRWz34AT2B9cAEVmCA
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
82
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_none
events.bouncex.net/track.gif/
42 B
105 B
Image
General
Full URL
https://events.bouncex.net/track.gif/bid_none?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAFgEYA2GgViszBgEcBXGQifCRAFseEEIODx6AZjoBOGrUazGjAOyZCAe05gAxjHggUhTLrGhEAcygVJABiqzVjAByYQlmFAjwAVicFNNHg7TAB3GAAjYlJbGRpQgDdEGNtpOQUmKRcmF1V1NGT9WyoAJgZVWWUcqkd6Kjo6KWwPGGSYMLSNDm4oYspZUwAbRC8IAWFec0kmjMVZHObdEbGQYEREuGJNKHhRS2bCxH14FBbPfgBPYANwAWWYIA
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:39 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
84
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
jpx.Fa.js
cdn.justpremium.com/js/v2.45.427/
9 KB
3 KB
Script
General
Full URL
https://cdn.justpremium.com/js/v2.45.427/jpx.Fa.js?v=v2.45.427
Requested by
Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.45.427/jpx.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74da9970918913668e3db233ef647f46029a8d130f19faab8643fd5459e7f6b5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 10:12:05 GMT
content-encoding
gzip
last-modified
Mon, 08 Nov 2021 12:22:25 GMT
server
AmazonS3
age
461435
etag
W/"eb6ce100a9fdf373d8929c8e2c115d51"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000, s-maxage=2592000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
AUD6UQ0oE33yb5ge_AqbPYPiQy1aI11LSFFZNicuVJYs5BXfCfjTEA==
usersync
rtb.gumgum.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:39 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b94d6216-9470-4a89-954f-0ccb26e2b9cc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
date
Sun, 14 Nov 2021 18:22:39 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=wht6XSTg3MYf&ev=1&pid=558355
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=wht6XSTg3MYf&ev=1&pid=558355
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-GB
location
https://rtb.gumgum.com/usersync?b=pln&i=wht6XSTg3MYf&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-544c4f9c45-qtfrt
expires
-1
usersync
rtb.gumgum.com/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-c9b027b7-1dfa-4a01-7e9f-634551431494$ip$194.36.110.165
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-c9b027b7-1dfa-4a01-7e9f-634551431494$ip$194.36.110.165
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-c9b027b7-1dfa-4a01-7e9f-634551431494$ip$194.36.110.165
Date
Sun, 14 Nov 2021 18:22:39 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=6dd0f3b0-f1a0-4869-901e-8cd542e2c5fb&ssp=gumgum2
  • https://rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
Date
Sun, 14 Nov 2021 18:22:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
rtb.gumgum.com/ Frame 86C1
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sun, 14 Nov 2021 18:22:39 GMT Sun, 14 Nov 2021 18:22:39 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9389
170 B
232 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hZTA1N2E0NS1lZDk5LTRhMzQtODc1NC0wMWMwY2EyMmFjNmU=&gdpr=0&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

content-type
image/png
date
Sun, 14 Nov 2021 18:22:39 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
clear
usersync
rtb.gumgum.com/ Frame BFC1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sun, 14 Nov 2021 18:22:39 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4103 f8fad19 master zrh-pixel-x14 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Expires
Sun, 14 Nov 2021 18:22:38 GMT
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 8960
2 KB
1 KB
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
text/html
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
3655
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52iXEIuFYLVrZNMPaUEWQzY1oYvUi2mM35myKnNIZ%2BeQt72%2BfBAJY8og7DBoUk9aE0wK95OuogSJ%2Bb7GWkmKi%2FiMlEPFY6ReuEbSL%2Bx41IYNN56Z%2BU9BOFmSZfhO1a8AFnlHsI%2FyeXNyAhJX2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6ae2443cfa380f56-MXP
content-encoding
br
ixmatch.html
js-sec.indexww.com/um/ Frame FD94
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Sun, 14 Nov 2021 18:22:39 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7085
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 08 Nov 2021 04:31:53 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sun, 14 Nov 2021 18:22:39 GMT
Age
32128
X-Served-By
cache-lga21983-LGA, cache-lcy19252-LCY
X-Cache
HIT, HIT
X-Cache-Hits
3, 207278
X-Timer
S1636914160.966330,VS0,VE0
Vary
Accept-Encoding
um
cs.emxdgt.com/ Frame 2E55
0
0
Document
General
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

content-type
text/html
date
Sun, 14 Nov 2021 18:22:39 GMT
content-length
0
beacon
ap.lijit.com/ Frame 4D89
4 KB
2 KB
Document
General
Full URL
https://ap.lijit.com/beacon?informer=13406715
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e1fdc44952c5adc02e3f24e8873bfdba96382c1fd821cfdf472896db1bea9ed3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Server
nginx
Date
Sun, 14 Nov 2021 18:22:39 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap7ams1
usersync
rtb.gumgum.com/ Frame E15D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506159
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506159
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506159
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 58C8
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=83362
expires
Mon, 15 Nov 2021 17:32:01 GMT
date
Sun, 14 Nov 2021 18:22:39 GMT
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame CD54
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bDGk30ovOr6R8YaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.173 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip173.208-100-17.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

x-33x-status
2000208
server
33XP005
date
Sun, 14 Nov 2021 18:22:39 GMT
usersync
rtb.gumgum.com/ Frame 8AB9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sun, 14 Nov 2021 18:22:39 GMT Sun, 14 Nov 2021 18:22:39 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
index.html
cdn.districtm.io/ids/ Frame 4502
0
0
Document
General
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6ae2443c1d347785-LHR
check.html
biddr.brealtime.com/ Frame 07D9
926 B
1 KB
Document
General
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Date
Sun, 14 Nov 2021 18:22:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
tMvJcsXUEnJxPijZzKprS3yweio4ILwtqbCCgQEtUU4vY5xAGXSAqiFyorx4qEt+uVkxIGAZ6Po=
x-amz-request-id
3H3HZCEY6PAN8X5A
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
3321
Expires
Sun, 14 Nov 2021 18:23:40 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6ae2443c88c5e618-LHR
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 3D69
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Nov 2021 18:22:40 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 3AB4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sun, 14 Nov 2021 18:22:40 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4103 f8fad19 master zrh-pixel-x7 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Expires
Sun, 14 Nov 2021 18:22:39 GMT
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 05E4
17 KB
6 KB
Document
General
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.4
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhb/6348) /
Resource Hash
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
746
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Sun, 14 Nov 2021 18:22:40 GMT
etag
"450f-5c7a90520f640"
expires
Sun, 14 Nov 2021 18:37:40 GMT
last-modified
Wed, 21 Jul 2021 21:40:33 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (lhb/6348)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
647736537
content-length
5566
um
cs.emxdgt.com/ Frame 0E75
0
0
Document
General
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

content-type
text/html
date
Sun, 14 Nov 2021 18:22:39 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame B200
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506160
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506160
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506160
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pd
eu-u.openx.net/w/1.0/ Frame 59A6
253 B
238 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
aba0c713d86cf9972937256bb9ad6e89b5dfe3d1a691447825d5a49cddb3e68d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
text/html
content-length
219
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 51A7
170 B
232 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYTc0NmRiMC1hMTg3LTQwMjQtYjdjZi04ZDQyNDFjNjU3ODY=&gdpr=0&gdpr_consent=
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

content-type
image/png
date
Sun, 14 Nov 2021 18:22:40 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
clear
/
ssc-cms.33across.com/ps/ Frame 7F26
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bAj30SovOr6R8YaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/600d3068-de7f-43cf-ace8-14271b462940.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.173 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip173.208-100-17.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Sun, 14 Nov 2021 18:22:39 GMT
9.gif
id5-sync.com/c/441/349/1/
Redirect Chain
0
0

9.gif
id5-sync.com/c/441/349/1/
Redirect Chain
0
0

usersync
rtb.gumgum.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_ae057a45-ed99-4a34-8754-01c0ca22ac6e&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=418307b3-2efe-4ae7-aa7c-feaa2462db53
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=418307b3-2efe-4ae7-aa7c-feaa2462db53
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=ae549f4d-91cb-43ce-ab11-9ad6a8b1d5c9&ssp=gumgum2&expires=30&user_group=5&bsw_param=418307b3-2efe-4ae7-aa7c-feaa2462db53
  • https://rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
Date
Sun, 14 Nov 2021 18:22:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
gpt.js
www.googletagservices.com/tag/js/ Frame 37B9
77 KB
26 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.45.427/jpx.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3281a834c51d96400d6d0a01ff7dbb6eb12d94755e38571ba8c555487a8c2cac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1043 / 684 of 1000 / last-modified: 1636758378"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26747
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Nov 2021 18:22:40 GMT
infolinks_main.js
resources.infolinks.com/js/
3 KB
2 KB
Script
General
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MWWFD9
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c1024684a031f54a865ce6dfad1c1354298ae8e429ffeff9fb7b1bc781e2607

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray
6ae2443e69097707-LHR
date
Sun, 14 Nov 2021 18:22:40 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Sat, 13 Nov 2021 18:26:14 GMT
server
cloudflare
age
14170
etag
W/"dac-5d0afb5f4aea8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
expires
Sun, 14 Nov 2021 15:26:30 GMT
merge
ce.lijit.com/ Frame 4D89
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=c5c0c37c-3068-4286-afce-8c72e000c93d
0
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=87&3pid=c5c0c37c-3068-4286-afce-8c72e000c93d
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=c5c0c37c-3068-4286-afce-8c72e000c93d
Date
Sun, 14 Nov 2021 18:22:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
reporting
ap.lijit.com/dsp/google/ Frame 4D89
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=YTk0ZWMxYzQ2ZjFmODdjYjVjMzRiZDgx&gdpr=0
  • https://ap.lijit.com/dsp/google/reporting?gdpr=0
43 B
552 B
Image
General
Full URL
https://ap.lijit.com/dsp/google/reporting?gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
HTTP/1.1
Server
216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting?gdpr=0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
data.adsrvr.org/track/cmf/ Frame 4D89
70 B
264 B
Image
General
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame 4D89
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2032%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=5749011601
  • https://sync.1rx.io/usersync3/centro/2032/no-consent?zcc=0&sspret=1&rndcb=5749011601
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-ea76274b-c6da-485c-adec-d489e345a118-003
  • https://ce.lijit.com/merge?pid=56&3pid=RX-ea76274b-c6da-485c-adec-d489e345a118-003
0
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-ea76274b-c6da-485c-adec-d489e345a118-003
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=56&3pid=RX-ea76274b-c6da-485c-adec-d489e345a118-003
date
Sun, 14 Nov 2021 18:22:40 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXea76274bc6da485cadecd489e345a118003
content-type
text/html
merge
ce.lijit.com/ Frame 4D89
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
0
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame 4D89
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1636914159977&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=98C4241FFEF6498F8A96F2CFE007E27E
0
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=98C4241FFEF6498F8A96F2CFE007E27E
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 14 Nov 2021 18:22:40 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=98C4241FFEF6498F8A96F2CFE007E27E
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 13 Nov 2021 18:22:40 GMT
merge
ce.lijit.com/ Frame 4D89
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=5134455419450933626
0
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=10&3pid=5134455419450933626
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=5134455419450933626
Date
Sun, 14 Nov 2021 18:22:40 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
101957
jadserve.postrelease.com/suid/ Frame 4D89
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.67.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-67-232.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
merge
ce.lijit.com/ Frame 4D89
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=a94ec1c46f1f87cb5c34bd81/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=974e66315ea5176b68295dbf7d19d07b&gdpr=0&gdpr_consent=
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=974e66315ea5176b68295dbf7d19d07b&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=974e66315ea5176b68295dbf7d19d07b&gdpr=0&gdpr_consent=
cache-control
no-cache
x-server
10.45.18.158
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 4D89
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTk0ZWMxYzQ2ZjFmODdjYjVjMzRiZDgx&gdpr=0
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTk0ZWMxYzQ2ZjFmODdjYjVjMzRiZDgx&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 14 Nov 2021 18:22:40 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YTk0ZWMxYzQ2ZjFmODdjYjVjMzRiZDgx&gdpr=0
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
tum
ums.acuityplatform.com/ Frame 4D89
0
0

sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 4D89
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Content-Type
image/gif
merge
ce.lijit.com/ Frame 4D89
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=7Elz9ZNhabe00Vbg8Hl6&pi=sovrn&gdpr_consent=&gdpr=0
43 B
2 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=86&3pid=7Elz9ZNhabe00Vbg8Hl6&pi=sovrn&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=7Elz9ZNhabe00Vbg8Hl6&pi=sovrn&gdpr_consent=&gdpr=0
pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT, Sun, 14 Nov 2021 18:22:40 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 4D89
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=a94ec1c46f1f87cb5c34bd81&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:f62a2bbdb84a4c4fedf4a1770feb5d28
0
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:f62a2bbdb84a4c4fedf4a1770feb5d28
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 14 Nov 2021 18:22:40 GMT
server
Aorta/20211029.2f91d75
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:f62a2bbdb84a4c4fedf4a1770feb5d28
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-23-72.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
sync
odr.mookie1.com/t/v2/ Frame 4D89
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=418307b3-2efe-4ae7-aa7c-feaa2462db53&ssp=fmx&gdpr=0&gdpr_consent=
43 B
106 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=418307b3-2efe-4ae7-aa7c-feaa2462db53&ssp=fmx&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=418307b3-2efe-4ae7-aa7c-feaa2462db53&ssp=fmx&gdpr=0&gdpr_consent=
Date
Sun, 14 Nov 2021 18:22:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
noop
px.owneriq.net/ Frame 4D89
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=0&gdpr_consent=
  • https://px.owneriq.net/fr/epx.gif
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B
Image
General
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
HTTP/1.1
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:40 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Sun, 14 Nov 2021 18:22:40 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 4D89
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 4D89
44 B
289 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=a94ec1c46f1f87cb5c34bd81&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Sun, 14 Nov 2021 18:22:40 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
44
x-mnet-hl2
E
expires
Sun, 14 Nov 2021 18:22:40 GMT
ae12848777b41970a5f2
aax-eu.amazon-adsystem.com/s/x/ Frame 4D89
0
0
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.37.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

usync.js
eus.rubiconproject.com/ Frame 3D69
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5801a0be03a825391230a9dfebbadcb6b9cec07dd3ba51e38d5a180172c8fd6a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48495
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Mon, 15 Nov 2021 07:50:55 GMT
async_usersync
ib.adnxs.com/ Frame 7085
0
733 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9853226c-18f7-4d2b-8f62-0cd4449d18cb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
dm-eu.hybrid.ai/ Frame 59A6
0
239 B
Image
General
Full URL
https://dm-eu.hybrid.ai/match?id=184&gdpr=1&burl=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D544034803%26val%3D${VID}
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.103.16 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
515
x-xss-protection
1; mode=block
expires
-1
CookieSyncOpenX
rtb.adentifi.com/ Frame 59A6
0
88 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncOpenX
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=76f82d4b-8581-44b9-85f2-34f5ab6622df&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.236.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-236-90.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
usermatch
ssum-sec.casalemedia.com/ Frame 652F
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3df9bdf2a05121f741f73fe86cfe1c04a66a2a21f4a48684715ca647a0820869

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|88|3|130|190|156|64|90
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1633
Expires
Sun, 14 Nov 2021 18:22:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
Connection
keep-alive
0608867b
rtb.gumgum.com/usync/ Frame 7685
4 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c38acb6a4171c20da3c746768a8fc4588f10f56a8b9f78f67569d2e7a0bddf23

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
etag
W/"089068be2306ba06c3730d5c98bbbd7ad"
timing-allow-origin
*
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8C35
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=83361
expires
Mon, 15 Nov 2021 17:32:01 GMT
date
Sun, 14 Nov 2021 18:22:40 GMT
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BFF8
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13406715
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ap.lijit.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=83361
expires
Mon, 15 Nov 2021 17:32:01 GMT
date
Sun, 14 Nov 2021 18:22:40 GMT
vary
Accept-Encoding
pubads_impl_2021110901.js
securepubads.g.doubleclick.net/gpt/ Frame 37B9
344 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
118212
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:34:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Nov 2021 18:22:40 GMT
1x1.png
cdn.aralego.net/img/ Frame 8960
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/323087e2-de4a-365b-80c8-f52ef591edf1?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ziusCshE2oUJjxwFKvJ3yVYCIY_SZ.k15EZ2pU4-~A&redirect=
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=MzIzMDg3ZTItZGU0YS0zNjViLTgwYzgtZjUyZWY1OTFlZGYx&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
  • https://cdn.aralego.net/img/1x1.png
68 B
434 B
Image
General
Full URL
https://cdn.aralego.net/img/1x1.png
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
H2
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1581
content-length
68
last-modified
Wed, 12 Jun 2019 06:09:43 GMT
server
cloudflare
etag
"5d009727-44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9vCUJ6oL5yg6VjCMLRvlq8VqvFHJPYTrm4gyNCnbUdRcj%2B%2FtnseGkOkN6eyyGekNxZ4nCnJbu%2FwH9ZOOzMjbebOWUs3apxEOziYtaVZXReFgCEWKP2ojq9oSpWBJwOxFz86FOxMqIrmhuQQTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6ae24443a8810f56-MXP

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cdn.aralego.net/img/1x1.png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
clear
content-length
232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 7685
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b09635c8-187f-431d-ad51-1c00885e1d73
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7056585800145824787
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 7685
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=5e800d9e-014e-4f5c-bb2c-22fea47ba1b2&ssp=gumgum2
  • https://rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
//rtb.gumgum.com/usersync?b=bsw&i=418307b3-2efe-4ae7-aa7c-feaa2462db53
Date
Sun, 14 Nov 2021 18:22:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
rtb.gumgum.com/ Frame 7685
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-c9b027b7-1dfa-4a01-7e9f-634551431494$ip$194.36.110.165
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-c9b027b7-1dfa-4a01-7e9f-634551431494$ip$194.36.110.165
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-c9b027b7-1dfa-4a01-7e9f-634551431494$ip$194.36.110.165
Date
Sun, 14 Nov 2021 18:22:40 GMT
Connection
keep-alive
Content-Length
123
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 7685
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_aa746db0-a187-4024-b7cf-8d4241c65786&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 7685
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F1506%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=5379861019
  • https://sync.1rx.io/usersync3/appnexus/1506/7056585800145824787?zcc=0&sspret=1&rndcb=5379861019
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-ea76274b-c6da-485c-adec-d489e345a118-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-ea76274b-c6da-485c-adec-d489e345a118-003
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-ea76274b-c6da-485c-adec-d489e345a118-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-ea76274b-c6da-485c-adec-d489e345a118-003
date
Sun, 14 Nov 2021 18:22:40 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXea76274bc6da485cadecd489e345a118003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 7685
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=siXggK9z5oC5&ev=1&pid=558355
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=siXggK9z5oC5&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-GB
location
https://rtb.gumgum.com/usersync?b=pln&i=siXggK9z5oC5&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-544c4f9c45-qtfrt
expires
-1
cookie-sync
sync.outbrain.com/ Frame 7685
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_aa746db0-a187-4024-b7cf-8d4241c65786&obuid=ENC(x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7056585800145824787&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ
0
291 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7056585800145824787&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:41 GMT
Cache-Control
no-cache
X-TraceId
fa52106cd5b2bafbaf3ae022e10f97a1
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2eaa4881-86f7-45ce-a336-c955fb4d7bd5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7056585800145824787&obUid=x6pUVG3NjPzTNgglzoWdtHBIdMlD_tIb4dzB3qBb2iv2bNtFrDX2UkOLcwJt8SLZ
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 7685
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=5386cffd-d841-4df1-b34f-b04021e83e45
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=5386cffd-d841-4df1-b34f-b04021e83e45
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=5386cffd-d841-4df1-b34f-b04021e83e45
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 7685
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-zUq_uyVE2pcMhrVY4ZU1X0PuHGWuB57EptRH~A
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-zUq_uyVE2pcMhrVY4ZU1X0PuHGWuB57EptRH~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Sun, 14 Nov 2021 18:22:40 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-zUq_uyVE2pcMhrVY4ZU1X0PuHGWuB57EptRH~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 7685
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=d996b4e1-4577-11ec-9d14-fb2c7a265914
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=d996b4e1-4577-11ec-9d14-fb2c7a265914
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=d996b4e1-4577-11ec-9d14-fb2c7a265914
Date
Sun, 14 Nov 2021 18:22:39 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
da264aaf-4577-11ec-b40a-db78886add51
services
sync.technoratimedia.com/ Frame 7685
0
293 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
711941753
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 7685
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-length
0
server
c
usersync
rtb.gumgum.com/ Frame 7685
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=7ea97ec7-0bfa-4b43-bd6f-9490d6b87c84
date
Sun, 14 Nov 2021 18:22:40 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame 7685
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:39 GMT
content-length
0
merge
ce.lijit.com/ Frame 7685
0
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=36&3pid=e_aa746db0-a187-4024-b7cf-8d4241c65786
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7727
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=83361
expires
Mon, 15 Nov 2021 17:32:01 GMT
date
Sun, 14 Nov 2021 18:22:40 GMT
vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 4070
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506160
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506160
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=5d37eff7-cbdd-41f5-a1e6-a7dab2310826&t=1639506160
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame 65F2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 14 Nov 2021 18:22:40 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=gumgum
Date
Sun, 14 Nov 2021 18:22:40 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usersync
rtb.gumgum.com/ Frame 9BAC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sun, 14 Nov 2021 18:22:40 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4103 f8fad19 master zrh-pixel-x14 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=0&gdpr_consent=
Expires
Sun, 14 Nov 2021 18:22:39 GMT
usersync
rtb.gumgum.com/ Frame 4E0E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=atm&i=YZFT7gAAAJTV7ABG&gdpr=0&gdpr_consent=
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YZFT7gAAAJTV7ABG&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YZFT7gAAAJTV7ABG&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Sun, 14 Nov 2021 18:22:40 GMT
via
1.1 varnish
x-served-by
cache-lcy19275-LCY
x-cache
HIT
x-cache-hits
0
x-timer
S1636914160.465545,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 80C7
170 B
232 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hYTc0NmRiMC1hMTg3LTQwMjQtYjdjZi04ZDQyNDFjNjU3ODY=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Sun, 14 Nov 2021 18:22:40 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
clear
/
ssc-cms.33across.com/ps/ Frame A41D
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.173 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip173.208-100-17.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP002
date
Sun, 14 Nov 2021 18:22:39 GMT
um
cs.emxdgt.com/ Frame 017B
0
0
Document
General
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Sun, 14 Nov 2021 18:22:40 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame C811
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YZFT8MCo8YMAAI9LBy8AAAAA
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YZFT8MCo8YMAAI9LBy8AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Sun, 14 Nov 2021 18:22:40 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YZFT8MCo8YMAAI9LBy8AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
5
X-SO-HostName
m-ad151.dc4p.scaleout.jp
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":38,"gdpr":true,"ipv4":"0.0.0.0","key":"YZFT8MCo8YMAAI9LBy8AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad151"}
X-SO-Key
YZFT8MCo8YMAAI9LBy8AAAAA
X-SO-IP
194.36.110.165
X-SO-Cluster-ID
38
X-SO-Upstream-ID
m-ad151
usersync
rtb.gumgum.com/ Frame A1AA
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=5134455419450933626
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=5134455419450933626
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Sun, 14 Nov 2021 18:22:40 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://rtb.gumgum.com/usersync?b=zet&i=5134455419450933626
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame B2AC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://rtb.gumgum.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Sun, 14 Nov 2021 18:22:40 GMT Sun, 14 Nov 2021 18:22:40 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=7Elz9ZNhabe00Vbg8Hl6&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
ice.js
resources.infolinks.com/js/1766.011-3.025/
462 KB
141 KB
Script
General
Full URL
https://resources.infolinks.com/js/1766.011-3.025/ice.js
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66d34755720965b731d75bde11087db2475d50c3779d4c6ac6e5915472c4f289

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray
6ae2443efa257707-LHR
date
Sun, 14 Nov 2021 18:22:40 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 10 Nov 2021 08:35:24 GMT
server
cloudflare
age
5289
etag
W/"73765-5d06b1b77ec36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Tue, 14 Dec 2021 16:54:31 GMT
getuid
secure.adnxs.com/ Frame 652F
0
0
Image
General
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 652F
85 B
145 B
Image
General
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1636914160.479782,VS0,VE76
x-served-by
cache-lcy19275-LCY
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 652F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=1&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 14 Nov 2021 18:22:40 GMT

Redirect headers

Date
Sun, 14 Nov 2021 18:22:40 GMT
Server
MT3 4103 f8fad19 master zrh-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1e066191-53ea-4000-9f9b-18f43ac809c2&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 14 Nov 2021 18:22:39 GMT
crum
dsum-sec.casalemedia.com/ Frame 652F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKNLU7DIqgAACi-pB65dg&expiration=1638123760&gdpr=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKNLU7DIqgAACi-pB65dg&expiration=1638123760&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 14 Nov 2021 18:22:40 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAKNLU7DIqgAACi-pB65dg&expiration=1638123760&gdpr=1
Date
Sun, 14 Nov 2021 18:22:40 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
getuid
ib.adnxs.com/ Frame 652F
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cookiesync
bttrack.com/pixel/ Frame 652F
35 B
380 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-ServerName
Track004-dc3
Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:36 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rum
dsum-sec.casalemedia.com/ Frame 652F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639506160
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639506160
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 14 Nov 2021 18:22:40 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1639506160
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
no_match_opted_out
um.simpli.fi/ Frame 652F
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
278 B
Image
General
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 14 Nov 2021 18:22:40 GMT
x-content-type-options
nosniff
server
nginx
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Sun, 14 Nov 2021 18:22:40 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 13 Nov 2021 18:22:40 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 652F
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YZFT7mekqH4Urk7gkrt5pgAA%26658
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://gazette.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:40 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1994
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 14 Nov 2021 18:55:54 GMT
integrator.js
adservice.google.co.uk/adsid/ Frame 37B9
107 B
165 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=gazette.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 37B9
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gazette.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 37B9
345 B
0
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4348726652539843&correlator=1518257839461912&output=ldjh&impl=fifs&eid=31063704%2C31063713%2C44754276%2C21064372%2C31062930&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=21711633394%2C116363%2C116363-fa&enc_prev_ius=0%2F1%2F2&prev_iu_szs=728x90%7C970x90&eri=1&cookie=ID%3D6ea4fd15ebebab7a%3AT%3D1636914152%3AS%3DALNI_MYrccD-gyyzye5wUUIY3Zar5v0_sg&cdm=gazette.com&bc=31&abxe=1&lmt=1636914160&dt=1636914160516&dlt=1636914160244&idt=248&ea=0&frm=23&biw=1600&bih=1200&ish=150&oid=2&adxs=2&adys=1043&adks=2638801244&ucis=xjk801gh15ow&ifi=1&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&nhd=1&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&top=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x150&msz=0x0&ga_vid=873651966.1636914153&ga_sid=1636914161&ga_hid=2100469964&ga_fc=true&fws=260&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gazette.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
beb1bef9dba578042559479f5c0f84b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4895
6 KB
3 KB
Document
General
Full URL
https://beb1bef9dba578042559479f5c0f84b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 14 Nov 2021 18:22:40 GMT
expires
Mon, 14 Nov 2022 18:22:40 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
clear
manage
router.infolinks.com/usync/ Frame 3A1B
9 KB
2 KB
Document
General
Full URL
https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1043d63837511e948acea308d939cb136c72a99e26987a7af6f40caeb5be4a9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-type
text/html;charset=UTF-8
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ae244406d817707-LHR
content-encoding
gzip
lcmanage
router.infolinks.com/usync/
0
52 B
Script
General
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6ae244407d8e7707-LHR
content-length
0
gsd
router.infolinks.com/
321 B
489 B
Script
General
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&jsv=1766.011-3.025&_cb=16369141607120
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9387b4d32e24e4afa333c9f2729c46e274d8102d375854a2d6020b6ded23ced

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/javascript;charset=UTF-8
content-encoding
gzip
cache-control
max-age=0
cf-ray
6ae244407d9b7707-LHR
expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 65F2
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5801a0be03a825391230a9dfebbadcb6b9cec07dd3ba51e38d5a180172c8fd6a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=48495
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9510
Expires
Mon, 15 Nov 2021 07:50:55 GMT
reloadCampaigns.js
api.bounceexchange.com/bounce/
23 KB
5 KB
Script
General
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_30fca4eff5e5278f89dbef8bce7b6234.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
bf18cec088ba6e701bb1d557203b23ddff9fca3e02f03abbd5ead01eb3ea3b92

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
content-encoding
gzip
last-modified
Sun, 14 Nov 2021 18:22:40 GMT
server
istio-envoy
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
16
content-type
text/javascript;charset=UTF-8
alt-svc
clear
via
1.1 google
expires
0
reloadcampaigns
events.bouncex.net/track.gif/
42 B
108 B
Image
General
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:40 GMT
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
87
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
/
gazette.com/tncms/access/rules/
72 B
719 B
XHR
General
Full URL
https://gazette.com/tncms/access/rules/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
24bd8495d7ca75a868cb6689e22a224a5831505cd6d25284d5513351599741bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
X-TNCMS-Access-Version
Request-Id
|QxIfj.5FmCl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 07:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40619
last-modified
Sun, 14 Nov 2021 07:05:41 GMT
vary
X-TNCMS-Access-Version, Origin, X-Townnews-Now-API-Version, Accept-Encoding
content-length
81
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
x-vcache
HIT
etag
W/e3fe6d39bd685ba7ea7f17ed281d6dd4
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://admin-newyork1.bloxcms.com
cache-control
public, max-age=86400
accept-ranges
bytes
x-robots-tag
noarchive
access-control-allow-headers
X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User
x-tncms
1.60.2; app20; 0.02s; 1.1M
sodar
pagead2.googlesyndication.com/getconfig/ Frame 37B9
0
0
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
9263
x-xss-protection
0
tracking.gif
tracking.justpremium.com/ Frame E1B7
43 B
332 B
Image
General
Full URL
https://tracking.justpremium.com/tracking.gif?rid=r-9eccc678-1f2e-413a-9d06-ac3ac7e7ea74-38875-11016125&sid=r-fadd7588-cbd6-42ca-a259-28bd505a03d5-33971-164567728&uid=&vr=v2.45.427&ru=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tt=1636914160770&siw=1360&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.1&vn=canary-eu-central-1&sd=&_c=aloycnp1636914160770&et=&aid=437816&said=1199840&ei=21711633394%2F116363%2F116363-fa&fc=fa&sp=13&at=adserver&cid=&ist=0&mg=&dl=&dlt=&ev=&vt=&zid=116363&dr=1196&di=&pr=&cw=728&ch=90&nt=&st=&jp=%7B%22ph%22%3A7446%7D&ty=adr
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.66.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-66-229.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:40 GMT
Last-Modified
Wed, 23 Jun 2021 07:56:00 GMT
Server
nginx
ETag
"60d2e910-2b"
Content-Type
image/gif
Cache-Control
public, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
jpx.Sa.js
cdn.justpremium.com/js/v2.45.427/
49 KB
10 KB
Script
General
Full URL
https://cdn.justpremium.com/js/v2.45.427/jpx.Sa.js?v=v2.45.427
Requested by
Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.45.427/jpx.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e0d71a596e12268daf10d7091a3e4d54c4d7fe2b11691a271fde13b6eb4a8b17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 08 Nov 2021 23:58:48 GMT
content-encoding
gzip
last-modified
Mon, 08 Nov 2021 12:22:40 GMT
server
AmazonS3
age
498233
etag
W/"f1391f109f3e99088eeca77c898c028e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000, s-maxage=2592000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
UGTwTDQxA20rwYPgGjyPHu-hrFK1XWyvgUMoF1b9AWgQij4tdGxTZg==
/
gazette.com/tncms/access/user/
69 B
702 B
XHR
General
Full URL
https://gazette.com/tncms/access/user/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.newyork1.vip.townnews.com
Software
/
Resource Hash
3ead743fa3a6384a59a23f22f9016cffc7eb991aba09b5be6a59e9d1eba128b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
X-TNCMS-Access-User
anonymous
Referer
https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Request-Id
|QxIfj.oC3KN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
vary
X-TNCMS-Access-User, X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-Townnews-Now-API-Version, Accept-Encoding
content-length
75
x-xss-protection
1; mode=block
x-loop
1
referrer-policy
strict-origin-when-cross-origin
x-vcache
MISS
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://admin-newyork1.bloxcms.com
cache-control
private, max-age=3600, must-revalidate
accept-ranges
bytes
x-robots-tag
noarchive
access-control-allow-headers
X-TNCMS-Access-Version, X-TNCMS-Access-User-Version, X-TNCMS-Access-User
x-tncms
1.60.2; app17; 0.01s; 0.8M
gpt.js
www.googletagservices.com/tag/js/ Frame B8E9
77 KB
26 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn.justpremium.com
URL: https://cdn.justpremium.com/js/v2.45.427/jpx.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d02be652e42bb600ca993e13fd203bda9f8d2992624da6becb8108ef468e9966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1043 / 777 of 1000 / last-modified: 1636758328"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
clear
content-length
26746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Nov 2021 18:22:40 GMT
doq.htm
rt3002.infolinks.com/action/
1 KB
1 KB
XHR
General
Full URL
https://rt3002.infolinks.com/action/doq.htm?pcode=utf-8&r=16369141609511
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ea7493e3b8e0eba1e4d58703645b4459d2ddd2b6ab09ae934283d6bb4298e5a

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 14 Nov 2021 18:22:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
x-application-context
application:prod
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-language
en-GB
access-control-allow-origin
https://gazette.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
cf-ray
6ae244424de7751d-LHR
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
de.tynt.com/deb/ Frame 9634
Redirect Chain
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
  • https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
75 B
289 B
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/

Response headers

cache-control
max-age=86400
expires
Mon, 15 Nov 2021 18:22:41 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Sun, 14 Nov 2021 18:22:41 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV&b=1
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires
Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy
unsafe-url
content-length
0
date
Sun, 14 Nov 2021 18:22:40 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
usermatch
ssum-sec.casalemedia.com/ Frame 8AFD
1 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b540fdc0bc0ccb46a286a47d026cb1b464655c72f75b96c42c155f3c147d63d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
206|65|81|41|188|176|51|73
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1378
Expires
Sun, 14 Nov 2021 18:22:40 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame 1BBE
2 KB
823 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
pbm-usync
router.infolinks.com/dyn/ Frame 3A1B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=e3745e2f-3bf5-42c9-821b-bd61ff8bee24&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=418307b3-2efe-4ae7-aa7c-feaa2462db53&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D4AC4D667-EFFA-44E4-8780-780E7097946F
  • https://router.infolinks.com/dyn/pbm-usync?uid=4AC4D667-EFFA-44E4-8780-780E7097946F
0
227 B
Image
General
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=4AC4D667-EFFA-44E4-8780-780E7097946F
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
6ae24445d9027707-LHR
content-length
0
expires
Sat, 14 Nov 2020 18:22:41 GMT

Redirect headers

location
https://router.infolinks.com/dyn/pbm-usync?uid=4AC4D667-EFFA-44E4-8780-780E7097946F
date
Sun, 14 Nov 2021 18:22:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apn-usync
router.infolinks.com/dyn/ Frame 3A1B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=7056585800145824787
35 B
187 B
Image
General
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=7056585800145824787
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ae24442498c7707-LHR
content-length
35
expires
Sat, 14 Nov 2020 18:22:41 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
739b7fbe-812c-4d9b-a7df-da8ae17a2487
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://router.infolinks.com/dyn/apn-usync?user_id=7056585800145824787
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ox-usync
router.infolinks.com/dyn/ Frame 3A1B
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
  • https://router.infolinks.com/dyn/ox-usync?uid=8f2c491c-e380-422b-95fb-975f111f9a96
35 B
278 B
Image
General
Full URL
https://router.infolinks.com/dyn/ox-usync?uid=8f2c491c-e380-422b-95fb-975f111f9a96
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ae2444229587707-LHR
content-length
35
expires
Sat, 14 Nov 2020 18:22:41 GMT

Redirect headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://router.infolinks.com/dyn/ox-usync?uid=8f2c491c-e380-422b-95fb-975f111f9a96
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
VR-usync
router.infolinks.com/dyn/ Frame 3A1B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58422/occ
  • https://router.infolinks.com/dyn/VR-usync?uid=y-mkzxzQ1E2uHquzazAs_kFo4iopkS.4JK7LLL7_I-~A
35 B
210 B
Image
General
Full URL
https://router.infolinks.com/dyn/VR-usync?uid=y-mkzxzQ1E2uHquzazAs_kFo4iopkS.4JK7LLL7_I-~A
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ae2444249927707-LHR
content-length
35
expires
Sat, 14 Nov 2020 18:22:41 GMT

Redirect headers

location
https://router.infolinks.com/dyn/VR-usync?uid=y-mkzxzQ1E2uHquzazAs_kFo4iopkS.4JK7LLL7_I-~A
date
Sun, 14 Nov 2021 18:22:40 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
r1-usync
router.infolinks.com/dyn/ Frame 3A1B
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://sync-tm.everesttech.net/upi/pid/1cMuUcwh?redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fadobe%2F2109%2F%24%7BTM_USER_ID%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7027172643
  • https://sync.1rx.io/usersync3/adobe/2109/YZFT7gAAAJTV7ABG?zcc=0&sspret=1&rndcb=7027172643
  • https://sync.targeting.unrulymedia.com/csync/RX-ea76274b-c6da-485c-adec-d489e345a118-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-ea76274b-c6da-485c-adec-d489e345a118-003
  • https://router.infolinks.com/dyn/r1-usync?uid=RX-ea76274b-c6da-485c-adec-d489e345a118-003
35 B
204 B
Image
General
Full URL
https://router.infolinks.com/dyn/r1-usync?uid=RX-ea76274b-c6da-485c-adec-d489e345a118-003
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ae24442fb177707-LHR
content-length
35
expires
Sat, 14 Nov 2020 18:22:41 GMT

Redirect headers

location
https://router.infolinks.com/dyn/r1-usync?uid=RX-ea76274b-c6da-485c-adec-d489e345a118-003
date
Sun, 14 Nov 2021 18:22:41 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXea76274bc6da485cadecd489e345a118003
content-type
text/html
zmn-usync
router.infolinks.com/dyn/ Frame 3A1B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
  • https://router.infolinks.com/dyn/zmn-usync?uid=
35 B
177 B
Image
General
Full URL
https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ae24442daca7707-LHR
content-length
35
expires
Sat, 14 Nov 2020 18:22:41 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
70
Content-Type
text/html; charset=utf-8
us
sync.go.sonobi.com/ Frame 3A1B
0
474 B
Image
General
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:41 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/ Frame 3A1B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fgazette.com%252Fnews%252Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%252Farticle_b69f7617-d8a7-58f9-ad10-c636...
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&pid=12306&adnxs_uid=705658...
95 B
945 B
Image
General
Full URL
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&pid=12306&adnxs_uid=7056585800145824787
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Server
52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-63-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Sun, 14 Nov 2021 18:22:41 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Sun, 14 Nov 2021 18:22:41 UTC

Redirect headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:40 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3efc0ecf-888c-4cba-b0de-ec1f69b63626
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&pid=12306&adnxs_uid=7056585800145824787
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
dsp.adkernel.com/ Frame 3A1B
42 B
233 B
Image
General
Full URL
https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:41 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
outh-usync
router.infolinks.com/dyn/ Frame 3A1B
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPd9768320-4577-11ec-bad9-020dabedf6f0
  • https://router.infolinks.com/dyn/outh-usync?uid=y-W33f4ItE2uGcaripW7wEXs1C6CraMED.~A~UPd9768320-4577-11ec-bad9-020dabedf6f0
35 B
234 B
Image
General
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-W33f4ItE2uGcaripW7wEXs1C6CraMED.~A~UPd9768320-4577-11ec-bad9-020dabedf6f0
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ae244428a0d7707-LHR
content-length
35
expires
Sat, 14 Nov 2020 18:22:41 GMT

Redirect headers

location
https://router.infolinks.com/dyn/outh-usync?uid=y-W33f4ItE2uGcaripW7wEXs1C6CraMED.~A~UPd9768320-4577-11ec-bad9-020dabedf6f0
date
Sun, 14 Nov 2021 18:22:41 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
match.bnmla.com/ Frame 3A1B
0
114 B
Image
General
Full URL
https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.158 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
sovrn-usync
router.infolinks.com/dyn/ Frame 3A1B
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
  • https://router.infolinks.com/dyn/sovrn-usync?uid=a94ec1c46f1f87cb5c34bd81
35 B
201 B
Image
General
Full URL
https://router.infolinks.com/dyn/sovrn-usync?uid=a94ec1c46f1f87cb5c34bd81
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ae24442dacf7707-LHR
content-length
35
expires
Sat, 14 Nov 2020 18:22:41 GMT

Redirect headers

Date
Sun, 14 Nov 2021 18:22:41 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://router.infolinks.com/dyn/sovrn-usync?uid=a94ec1c46f1f87cb5c34bd81
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
current
pubmatic-match.dotomi.com/match/bounce/ Frame 3A1B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=418307b3-2efe-4ae7-aa7c-feaa2462db53&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=d5e76e24-1020-42c5-a966-7f47b1fbdf8a&expires=1&user_group=5&ssp=pubmatic&bsw_param=418307b3-2efe-4ae7-aa7c-feaa2462db53
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=418307b3-2efe-4ae7-aa7c-feaa2462db53&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4AC4D667-EFFA-44E4-8780-780E7097946F&gdpr=0&gdpr_consent=
0
103 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4AC4D667-EFFA-44E4-8780-780E7097946F&gdpr=0&gdpr_consent=
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0

Redirect headers

location
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4AC4D667-EFFA-44E4-8780-780E7097946F&gdpr=0&gdpr_consent=
date
Sun, 14 Nov 2021 18:22:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
182
content-type
text/html; charset=utf-8
iq-usync
router.infolinks.com/dyn/ Frame 3A1B
0
35 B
Image
General
Full URL
https://router.infolinks.com/dyn/iq-usync
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
6ae244429a217707-LHR
content-length
0
zeta-usync
router.infolinks.com/dyn/ Frame 3A1B
Redirect Chain
  • https://p.rfihub.com/cm?pub=43153&in=1
  • https://router.infolinks.com/dyn/zeta-usync?uid=5134455419450933626
35 B
196 B
Image
General
Full URL
https://router.infolinks.com/dyn/zeta-usync?uid=5134455419450933626
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ae244431b4f7707-LHR
content-length
35
expires
Sat, 14 Nov 2020 18:22:41 GMT

Redirect headers

Location
https://router.infolinks.com/dyn/zeta-usync?uid=5134455419450933626
Date
Sun, 14 Nov 2021 18:22:41 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
ssc-cms.33across.com/ps/ Frame 3A1B
0
72 B
Image
General
Full URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3206501&wsid=2&pdom=gazette.com&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.173 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip173.208-100-17.static.steadfastdns.net
Software
33XP004 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-33x-status
2000208
date
Sun, 14 Nov 2021 18:22:40 GMT
server
33XP004
pubads_impl_2021110901.js
securepubads.g.doubleclick.net/gpt/ Frame B8E9
344 KB
116 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
118212
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 09:34:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 14 Nov 2021 18:22:40 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 8AFD
0
15 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:41 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 8AFD
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1637000561&gdpr=1
43 B
315 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1637000561&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 14 Nov 2021 18:22:41 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1637000561&gdpr=1
pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 8AFD
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=SI3V2UuPiY1T3dzeTovB0RiM3NBTjNXYR9jx4Bdl
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=SI3V2UuPiY1T3dzeTovB0RiM3NBTjNXYR9jx4Bdl
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 14 Nov 2021 18:22:41 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=SI3V2UuPiY1T3dzeTovB0RiM3NBTjNXYR9jx4Bdl
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
bridge
cm.adgrx.com/ Frame 8AFD
43 B
408 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:41 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-4
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
CookieIndex
rtb.adentifi.com/ Frame 8AFD
0
88 B
Image
General
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.236.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-236-90.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
113
match.deepintent.com/usersync/ Frame 8AFD
0
39 B
Image
General
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
content-length
0
server
c
sync
x.bidswitch.net/ Frame 8AFD
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.121.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-121-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8AFD
43 B
192 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
ix-usync
router.infolinks.com/dyn/ Frame 8AFD
35 B
196 B
Image
General
Full URL
https://router.infolinks.com/dyn/ix-usync?uid=YZFT7mekqH4Urk7gkrt5pgAA%26658
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
6ae2444269dc7707-LHR
content-length
35
expires
Sat, 14 Nov 2020 18:22:41 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 0D35
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157898&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157898
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
integrator.js
adservice.google.co.uk/adsid/ Frame B8E9
107 B
165 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=gazette.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B8E9
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=gazette.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
clear
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame B8E9
106 KB
36 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2075776095603448&correlator=4314335709314594&output=ldjh&impl=fifs&eid=44754276%2C31063246%2C31062930&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=21711633394%2C116363%2C116363-sa&enc_prev_ius=0%2F1%2F2&prev_iu_szs=300x600%7C300x250%7C120x600%7C160x600&eri=1&cookie=ID%3D6ea4fd15ebebab7a%3AT%3D1636914152%3AS%3DALNI_MYrccD-gyyzye5wUUIY3Zar5v0_sg&cdm=gazette.com&bc=31&abxe=1&lmt=1636914161&dt=1636914161074&dlt=1636914160847&idt=202&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=2&adxs=0&adys=7496&adks=1406219073&ucis=w8h1au7m45j5&ifi=1&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&top=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x0&ga_vid=873651966.1636914153&ga_sid=1636914161&ga_hid=569222565&ga_fc=true&fws=260&ohw=300&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
979d381930644e5be210ba5598cf61425aeb28f6707b2d520fc9f03a8cec7577
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJOT6Li8mPQCFZms1QodxCIA4w&gqi=&layout=/sadbundle/%24csp%253Der3%24/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJOT6Li8mPQCFZms1QodxCIA4w&gqi=&layout=/sadbundle/%24csp%253Der3%24/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35919
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Sun, 14 Nov 2021 18:22:41 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gazette.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 812D
6 KB
3 KB
Document
General
Full URL
https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 14 Nov 2021 18:22:41 GMT
expires
Mon, 14 Nov 2022 18:22:41 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
clear
sodar
pagead2.googlesyndication.com/getconfig/ Frame B8E9
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3d4d84def825df07c7d3ccac7d867236b2ae413199241648fe50e211295b1f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 14 Nov 2021 18:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
clear
content-length
9218
x-xss-protection
0
tracking.gif
tracking.justpremium.com/ Frame E1B7
43 B
332 B
Image
General
Full URL
https://tracking.justpremium.com/tracking.gif?rid=r-9eccc678-1f2e-413a-9d06-ac3ac7e7ea74-38875-11016125&sid=r-fadd7588-cbd6-42ca-a259-28bd505a03d5-33971-164567728&uid=&vr=v2.45.427&ru=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tt=1636914161169&siw=1360&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.1&vn=canary-eu-central-1&sd=&_c=alnkgfp1636914161169&et=&aid=437808&said=1199841&ei=21711633394%2F116363%2F116363-sa&fc=sa&sp=13&at=adserver&cid=&ist=0&mg=&dl=&dlt=&ev=&vt=&zid=116363&dr=1595&di=&pr=&cw=300&ch=600&nt=&st=&jp=%7B%22ph%22%3A7446%7D&ty=adr
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.66.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-66-229.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:41 GMT
Last-Modified
Wed, 23 Jun 2021 07:56:00 GMT
Server
nginx
ETag
"60d2e910-2b"
Content-Type
image/gif
Cache-Control
public, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B8E9
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
clear
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 14 Nov 2021 18:22:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3F43
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 14 Nov 2021 18:16:12 GMT
expires
Mon, 14 Nov 2022 18:16:12 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
389
alt-svc
clear
aframe
www.google.com/recaptcha/api2/ Frame 380C
783 B
761 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3f87c3579b09bb633ce3442000e8c09528522f55274a4863cc142bcd40494547
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qJXFi0pWzgvz2Em8OhIbWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 14 Nov 2021 18:22:41 GMT
date
Sun, 14 Nov 2021 18:22:41 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-qJXFi0pWzgvz2Em8OhIbWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
clear
in_search.js
resources.infolinks.com/js/1766.011-3.025/
123 KB
46 KB
Script
General
Full URL
https://resources.infolinks.com/js/1766.011-3.025/in_search.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ed4b80efbb81a92a82a727735aa23cd0e64ba7f8fe99507b31154f3042b9ba

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray
6ae24443fced7707-LHR
date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 10 Nov 2021 08:35:24 GMT
server
cloudflare
age
5285
etag
W/"1eb61-5d06b1b77e84e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Tue, 14 Dec 2021 16:54:36 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
368 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
clear
content-length
125138
x-xss-protection
0
expires
Sun, 14 Nov 2021 18:22:41 GMT
container.html
resources.infolinks.com/static/ Frame F536
257 B
429 B
Document
General
Full URL
https://resources.infolinks.com/static/container.html
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f200dd381332cbd68d65ecfecf03e80e09e990a78e57cea26c0c7332cf9c7606

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

date
Sun, 14 Nov 2021 18:22:41 GMT
content-type
text/html; charset=UTF-8
last-modified
Mon, 15 Feb 2021 07:25:02 GMT
cache-control
max-age=2592000
expires
Tue, 14 Dec 2021 16:44:52 GMT
via
1.1 google
cf-cache-status
HIT
age
5869
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6ae244442d647707-LHR
content-encoding
gzip
getads.htm
rt3002.infolinks.com/action/
128 B
290 B
Script
General
Full URL
https://rt3002.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22android%20app%22%2C%22scs%22%3A%22Z0Jiu07Cw7%22%7D%5D&rid=498e3703-eafc-4e07-8b45-74f25422ccdf&jsv=1766.011-3.025&sr=1600X1200&rts=1636914161338&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=95.0.4638.54&dv=p&ce=t&purl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tzo=-0000&c=c&strg=true&rsd=MsbXpR6a2eqFAzyxTRMwDy3ktGCeW_VFiWPmQN7VeOIJ47e8VUVomU9-DFFhfsc2dgz8_X7DonDd3fp4nNtfa4YS4VPzBN5A1GSOUN612k-Cygdnq5ELtDFACtaCa0q8FY57KEmQy8ZTT6GsNxUFCCiOqpjLB7OS&rsk=13&rcs=1BJ6ur-nJ4qJA31u11DpEw&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abedc4371b8288916f3e5590ca754c251644eb09970fa07a2e28c414b724057b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-language
en-GB
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
6ae244446def7707-LHR
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 380C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110901&jk=2075776095603448&rc=
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

async_usersync
ib.adnxs.com/ Frame 7085
0
733 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 14 Nov 2021 18:22:41 GMT
X-Proxy-Origin
194.36.110.165; 194.36.110.165; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3601d627-d490-4327-b9fe-ae93ea4246ad
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
pagead2.googlesyndication.com/bg/ Frame 3F43
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/CRtE2hXI-Oo2CzbqEvynNThBTGvKRH_6so9ly1Scye0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
091b44da15c8f8ea360b36ea12fca73538414c6bca447ffab28f65cb549cc9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 16:47:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
5710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13332
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 11:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Nov 2022 16:47:31 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame F536
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_device_id=30d550f9-5fa4-4d62-898f-6ac406fd05a3=&partner_id=3337
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=30d550f9-5fa4-4d62-898f-6ac406fd05a3=&partner_id=3337
95 B
425 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=30d550f9-5fa4-4d62-898f-6ac406fd05a3=&partner_id=3337
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/container.html
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://resources.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=30d550f9-5fa4-4d62-898f-6ac406fd05a3=&partner_id=3337
date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
container.html
c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D654
6 KB
3 KB
Document
General
Full URL
https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sun, 14 Nov 2021 18:22:41 GMT
expires
Mon, 14 Nov 2022 18:22:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
clear
impression
us.ads.justpremium.com/adserve/ Frame E1B7
95 B
265 B
Image
General
Full URL
https://us.ads.justpremium.com/adserve/impression?zone=116363&adid=437808&rid=r-9eccc678-1f2e-413a-9d06-ac3ac7e7ea74-38875-11016125
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.78.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-78-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
us.ads.justpremium.com
date
Sun, 14 Nov 2021 18:22:41 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
tracking.gif
tracking.justpremium.com/ Frame E1B7
43 B
332 B
Image
General
Full URL
https://tracking.justpremium.com/tracking.gif?rid=r-9eccc678-1f2e-413a-9d06-ac3ac7e7ea74-38875-11016125&sid=r-fadd7588-cbd6-42ca-a259-28bd505a03d5-33971-164567728&uid=&vr=v2.45.427&ru=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tt=1636914161471&siw=1360&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.1&vn=canary-eu-central-1&sd=&_c=asmqjfa1636914161471&et=&aid=437808&said=1199841&ei=21711633394%2F116363%2F116363-sa&fc=sa&sp=13&at=adserver&cid=&ist=0&mg=&dl=&dlt=&ev=&vt=&zid=116363&dr=1897&di=&pr=&cw=300&ch=600&nt=&st=&jp=%7B%22ias%22%3A%7B%22riskIP%22%3A%22%22%2C%22riskHref%22%3A%5B%5D%2C%22content%22%3A%5B%22IAB_LAWGOVT%22%2C%22IAB_SPORTS%22%5D%7D%2C%22ph%22%3A7446%7D&ty=im
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.66.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-66-229.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:41 GMT
Last-Modified
Wed, 23 Jun 2021 07:56:00 GMT
Server
nginx
ETag
"60d2e910-2b"
Content-Type
image/gif
Cache-Control
public, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
btn-close--black.svg
cdn.justpremium.com/adr/
795 B
1 KB
Image
General
Full URL
https://cdn.justpremium.com/adr/btn-close--black.svg
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa12511785aebfc30c03b60eef91010d95eea60d984444aacaf2aef147b76e2c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sat, 13 Nov 2021 19:45:28 GMT
via
1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
last-modified
Thu, 13 Feb 2020 11:33:58 GMT
server
AmazonS3
age
81434
etag
"ef9e8c904fcdef2cde0cfff7465fb54e"
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
795
x-amz-cf-id
FgDUAU8LR_0ZMoiMAz721cF5G6NMo14Lc-t8VEs1xJmeVdcL1xUOwg==
vidice.js
resources.infolinks.com/js/vidice/1.0/
620 KB
168 KB
Script
General
Full URL
https://resources.infolinks.com/js/vidice/1.0/vidice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1766.011-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray
6ae2444588497707-LHR
date
Sun, 14 Nov 2021 18:22:41 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 10 Jul 2019 15:15:02 GMT
server
cloudflare
age
5868
etag
W/"9b0d4-58d552435a78c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Tue, 14 Dec 2021 16:44:53 GMT
tracking.gif
tracking.justpremium.com/ Frame E1B7
43 B
332 B
Image
General
Full URL
https://tracking.justpremium.com/tracking.gif?rid=r-9eccc678-1f2e-413a-9d06-ac3ac7e7ea74-38875-11016125&sid=r-fadd7588-cbd6-42ca-a259-28bd505a03d5-33971-164567728&uid=&vr=v2.45.427&ru=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&tt=1636914161545&siw=1360&sh=1200&sw=1600&wh=1200&ww=1600&an=2.3.1&vn=canary-eu-central-1&sd=&_c=a3u76aw1636914161545&et=&aid=437808&said=1199841&ei=21711633394%2F116363%2F116363-sa&fc=sa&sp=13&at=adserver&cid=&ist=0&mg=&dl=&dlt=&ev=&vt=&zid=116363&dr=1971&di=&pr=&cw=300&ch=600&nt=&st=&jp=%7B%22ads%22%3A%5B%22sa%22%5D%2C%22cls%22%3A%220.057%22%2C%22ph%22%3A7446%7D&ty=sh
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.66.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-66-229.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:41 GMT
Last-Modified
Wed, 23 Jun 2021 07:56:00 GMT
Server
nginx
ETag
"60d2e910-2b"
Content-Type
image/gif
Cache-Control
public, no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame B8E9
0
56 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110901&jk=2075776095603448&bg=!wMOlw4fNAAZQLpa_UC47ACkAdvg8WjYN5o5gqPtp0iYhl1MzsJos-oZsfW17YPiooKz7yzOkKSJjAgIAAADEUgAAABNoAQcKAB4Z4-LW89K6Ay02pZUDbz8LP9Z7bId8cLMGdx5ohlaZArvvxwe_p2iDWzlSmWrwiYIKKiclaRG9PB1nayc_v3_vhBrEgS1GN0TW-AuvtJEI3hX5UwONn14qoTBJ6xPGPllb9_ZgbK8LWzyVi26peiAZkH5I5plTbtDANmOBMQwZO--D6w0c0PIzptqXQB4ZYVnFjaznWxN7Ky8PUdSBQasSxihmzuTS5rJnXx8vXl1CVW7puoFOLRpxhyN9-1qzFnQjF46wOfp6EO-CCYokko2SeoaV5E6cdJiZ6euBaB39GXmYaN_YDjyS_qotVRlNv04Pvl5qIBTrZe1Pi3U9a10X2MLRrDw-fzss_sFYZXOANf2rAMdX6mfphDhM2GDucFO_9kklqWzLIaCCUyk60YXsClhT0B0USGDax9D1o_IjQtsgQ7C47E6zEN76ytSHKzvn32rataehshv9q7vmOMovmPWU4g5ADrOtq8MpBOOK36EwxSRlacodyPZaATQHSFSChhOxrEjVzpb_c8RZ3NPr2zJfLdbD2Dbnr_iz_3W94m2jRbIlY5AQdQrWBIQs6yo6oYEz1b1JcqXs4U3D3hKokVnKcbVHW4mATUCc2_3CAVbdBxEn_ws6etym_AvxIqZJfLlRfO1MYhkKOwhFh-6sev7CQAIK7VBKV6_UeXe790JRSnD0UVaBIfEY6nyObpmETHRKQUK9i1No7BUuJtfnHHs3qLS1e-8cKaHQNyuefR19EsHC_KzxWgITKcg155PqX12kBW9APjYNzmYjOaWmM-mVbnTgGFyCfvsQej9AK4r-qIi03rkouvbgXjTyp_Ze7gUUQsmOwU6KBlOzb0lVyR3MntS5pVsKoeX-eXxPpkJWjJIshwtNlpbZxkyp5WoJpXqo2ZQFUxeFZOYxK0cy99hS6ikN_zgwio82gjgtAXN23g3JJIgl4LVeqxU6wD4G7tOkMAp0BbLwPIo
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c047e0d7-7e8a-42dd-8700-40dcd682a58e
https://gazette.com/
31 B
0
Other
General
Full URL
blob:https://gazette.com/c047e0d7-7e8a-42dd-8700-40dcd682a58e
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/ Frame F15A
7 KB
4 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f8edf2c2a0f53664c3c0e4d5eba42f14a48f97c5ece663349982d1eda1c3b77
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
content-length
2678
date
Mon, 08 Nov 2021 14:18:28 GMT
expires
Tue, 08 Nov 2022 14:18:28 GMT
last-modified
Wed, 03 Nov 2021 14:49:57 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
533053
alt-svc
clear
adview
securepubads.g.doubleclick.net/pagead/ Frame D654
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpY8b8VORYdPWB5nZ1gbExYCYDt-k17Vmv4q5w_8Ot7_5jYkbEAEgypniZ2C7vq6D0AqgAcfE7PcDyAEJ4AIAqAMByAMIqgTXAk_QRvm8C3Okfgt8rsoL5fRwwMdTas6ggUXPkX2-pbLj2X9LrY4Q_AR-BScsgq6HcIympuGj0rY6o8zISIZ2L3R4386sjo_FNLsGpt_jVJkXeFjz-yID6EULiBHjOKCSU7G5aapUYyk6LgxCzjBWKT_ACpDTqRfRYXV5WOZqqR7HW6jeT_rzSxJDVshlC-AFR0a3nTrl1nmW8YU_7NrGjygWBwouOF1J9o2kB66vOFmW0BSs1eHOjvSlv1SYB1vnmO7K461i696ZLtnEryEBD4eEfBOm55GwPS1vyMS5_AZOIlufDcl3tiBVFPOjga-Bvgbeib_-AO5ofMhn8NcotuXQsfuoOY_h5OikgJVRPrF_bNPPLTUYZCkRTRzezl-620AcZLC795nLg5MoOsjAxf8yzJ_WXTNlMg6xmZ-HUworBoasHXShd5GVs4ro9Ay_UfWyAQg-f-rABKPBn_P2A-AEAZIFBAgEGAGSBQQIBRgEoAYugAebleW_AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcFEOfFkgHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTMxOTQxMzg2MzA2MjY4ODSACgPICwHYEwKIFAHQFQGAFwGyFx4KHAgAEhRwdWItODE3MjI2ODM0ODUwOTM0ORjA5Ww&sigh=mdHGkQnQ9Ig&uach_m=[UACH]&template_id=419
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame D654
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js
Requested by
Host: c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com
URL: https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
7882
x-xss-protection
0
server
cafe
etag
2787528384799239804
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Nov 2021 18:18:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame D654
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js
Requested by
Host: c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com
URL: https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:20:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Nov 2021 18:20:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D654
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com
URL: https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
clear
content-length
37119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1636547677202025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 14 Nov 2021 18:22:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame D654
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com
URL: https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
6461
x-xss-protection
0
server
cafe
etag
16025856826866802794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Nov 2021 18:21:28 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
cors
data.ad-score.com/data/
1 B
267 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=SfbmfqiIUvcdEgltKxZBIBlkbtornQCd-FE7fPshldVrrKDgR03rCFkrH-E0zCOsRmalTkPg==&pm_ct=a559ba1c6eaee7953e624140&pm_pl=1636914155337&pm_td=6674&pid=1000177&en=1.1&callback=__pm_glbl_0eShR03Fd9oB2Z4Rtr3o3BPR._gc4&tt=opt&v=bf28c17
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://gazette.com
Date
Sun, 14 Nov 2021 18:22:42 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
s
googleads.g.doubleclick.net/pagead/drt/ Frame 73FB
143 B
222 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com
URL: https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 14 Nov 2021 17:37:41 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2701
alt-svc
clear
truncated
/ Frame D654
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29ab4573eac31df19f60fb5e1ca43abbf6a606b864908af0b503b57a69729a47

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F15A
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 13:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16792
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 15 Nov 2021 13:42:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F15A
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65802
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
clear
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 15 Nov 2021 00:06:00 GMT
cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/ Frame F15A
9 KB
2 KB
Stylesheet
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2115355197c9a58d03beeb8e1dbce3b8a10ab6db5a3f39591635efdaf1187037
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
533054
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1863
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 14:49:57 GMT
server
sffe
date
Mon, 08 Nov 2021 14:18:28 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Nov 2022 14:18:28 GMT
cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600_media_query.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/ Frame F15A
258 B
204 B
Stylesheet
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600_media_query.css
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69b3f18a92225bbb7a058ec3f204fb092538d8671e3b92b98c1cc44e99a6bf5e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
533054
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
126
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 14:49:57 GMT
server
sffe
date
Mon, 08 Nov 2021 14:18:28 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Nov 2022 14:18:28 GMT
css
fonts.googleapis.com/ Frame F15A
10 KB
851 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
clear
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 18:11:08 GMT
server
ESF
date
Sun, 14 Nov 2021 18:22:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 14 Nov 2021 18:22:42 GMT
cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_dell_logo_300x600.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/ Frame F15A
609 B
717 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_dell_logo_300x600.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82d0dd3043d319327127aada3f138047a253182183fff208f60fdf7e1141979b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
534019
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
609
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 14:49:57 GMT
server
sffe
date
Mon, 08 Nov 2021 14:02:23 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Nov 2022 14:02:23 GMT
cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_funding_300x600.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/ Frame F15A
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_funding_300x600.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d4715ce85cd25f966cadb4540ee6ba9a43aa104f659b1a3e114540aac81066f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
215851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
4381
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 14:49:57 GMT
server
sffe
date
Fri, 12 Nov 2021 06:25:11 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 12 Nov 2022 06:25:11 GMT
cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_pro_f1_300x600.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/ Frame F15A
19 KB
19 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_pro_f1_300x600.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ec071d637b3d1f456ab45d5c1a1b25461cfd79958165b227a7ffae7fcce4096
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
534019
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
19018
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 14:49:57 GMT
server
sffe
date
Mon, 08 Nov 2021 14:02:23 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Nov 2022 14:02:23 GMT
cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_img_f2_300x600.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/ Frame F15A
46 KB
46 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_img_f2_300x600.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
a6fda033b750eff844c58062210250051e9861b39f8ef9c3c3c9346c40cfc6d9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
534018
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
47100
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 14:49:57 GMT
server
sffe
date
Mon, 08 Nov 2021 14:02:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Nov 2022 14:02:24 GMT
cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_pro_f3_300x600.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/ Frame F15A
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_pro_f3_300x600.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
72be4d2f8a697f1580885f1df8b7e6ca2a620b41a78c8d00eb7241fcf1abbfef
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
215851
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
13634
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 14:49:57 GMT
server
sffe
date
Fri, 12 Nov 2021 06:25:11 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 12 Nov 2022 06:25:11 GMT
cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_pro_f4_300x600.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/ Frame F15A
14 KB
15 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_pro_f4_300x600.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
d94fb5c8de8845c703b88f8c9989ba26907c75ed00d2ce3dc1b85f05eaf4e234
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
534018
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
14814
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 14:49:57 GMT
server
sffe
date
Mon, 08 Nov 2021 14:02:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Nov 2022 14:02:24 GMT
cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_pro_f5_300x600.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/ Frame F15A
19 KB
19 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_pro_f5_300x600.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
436036e4ed46bb147415982568cd6ecf32eb3defeed8e3a9098048a6ea86b8a0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
534018
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
19175
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 14:49:57 GMT
server
sffe
date
Mon, 08 Nov 2021 14:02:24 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 08 Nov 2022 14:02:24 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F15A
105 KB
35 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 14 Nov 2021 18:22:42 GMT
cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/ Frame F15A
3 KB
945 B
Script
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
edf9ff6b104de9e7b69d85941d0e2593e5b079088ed50862de591acd2afabc61
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
215850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
818
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 14:49:57 GMT
server
sffe
date
Fri, 12 Nov 2021 06:25:12 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 12 Nov 2022 06:25:12 GMT
i
www.i.matheranalytics.com/
43 B
245 B
Image
General
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.118&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=6&f_privb=0&tid=c34d5e00-aa48-4441-b847-d9d6667b2268&pid=94f6fbb4-01a1-4536-b3f7-7d1b97ed9a90&dtm=1636914162163&qnm=_matherq&visible=1&tabid=863590bb-d811-42be-920f-ae724d4138f1&url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&curl=https%3A%2F%2Fwww.washingtonexaminer.com%2Fnews%2Ffbi-email-system-hacked-send-fake-cyberattack-alerts%3Futm_source%3Dgazette.com%26utm_medium%3Dreferral%26utm_campaign%3Dcsg_news_feed&vp=1600x1200&ds=1973x7496&tofa=1636914152&vid=1&lvidt=1636914152&duid=1d675a9b4f9823b2&fp=2920491789&cid=ma96165&mrk=775313800&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYzNjkxNDE1MDg0NyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiI4OTUiLCJmZXRjaFMiOiIwIiwiZG9tYWluUyI6IjEiLCJkb21haW5FIjoiOSIsImNvbm5TIjoiOSIsImNvbm5FIjoiMTg5Iiwic3NsUyI6IjI2IiwicmVxdVMiOiIxODkiLCJyZXNwUyI6IjI4MiIsInJlc3BFIjoiNDMwIiwiZG9tTG9hZCI6IjI4NyIsImRvbUludGVyIjoiMTM5MSIsImRvbUxvYWRTIjoiMTQ0MSIsImRvbUxvYWRFIjoiMTQ1MCJ9fQ
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.91.69 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-34-195-91-69.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 14 Nov 2021 18:22:42 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
si
googleads.g.doubleclick.net/pagead/drt/ Frame 73FB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
173 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com
URL: https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 14 Nov 2021 18:22:42 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
clear
expires
Sun, 14 Nov 2021 18:22:42 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 14 Nov 2021 18:22:42 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
clear
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F15A
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 17:36:17 GMT
x-content-type-options
nosniff
age
261985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 17:36:17 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F15A
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 08:58:25 GMT
x-content-type-options
nosniff
age
206657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 12 Nov 2022 08:58:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F15A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 09 Nov 2021 05:32:01 GMT
x-content-type-options
nosniff
age
478241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 09 Nov 2022 05:32:01 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F15A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 11 Nov 2021 22:46:25 GMT
x-content-type-options
nosniff
age
243377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 11 Nov 2022 22:46:25 GMT
cors
data.ad-score.com/data/
1 B
267 B
XHR
General
Full URL
https://data.ad-score.com/data/cors?pm_st=SfbmfqiIUvcdEgltKxZBIBlkbtornQCd-FE7fPshldVrrKDgR03rCFkrH-E0zCOsRmalTkPg==&pm_ct=a559ba1c6eaee7953e624140&pm_pl=1636914155337&pm_td=6945&pid=1000177&en=1.1&callback=__pm_glbl_0eShR03Fd9oB2Z4Rtr3o3BPR._gc5&tt=opt&v=bf28c17
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://gazette.com
Date
Sun, 14 Nov 2021 18:22:42 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
activeview
pagead2.googlesyndication.com/pcs/ Frame D654
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdy37N8w5kBqf2Gwl4EeF5ZmFRWO6PMZD161MAY9nXslNyZRYreCvvOxNmkHldPmxreBOcIju0oWcOrLcMIVgERbQjjzvJWGLGNOqg1uQpBOG-r6r21Q&sai=AMfl-YQ5oyr76Wq69m0kCIO3wBTcdNaw10bf2g9pr-hXE9j9WKvjevWucwch93Y7SWkvGsLZ1CZIfcbH8IbY04FcUU6ufwAwlQ_chjbypwBLw1jRFyl2oAL4wDVLdec&sig=Cg0ArKJSzPzyYqZMPtbfEAE&cid=CAASF-RorkY7v89rsnjneS31ftsj5lFEAGvM&id=lidar2&mcvt=1000&p=300,1449,900,1749&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&app=0&itpl=2&adk=1406219073&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636914161468&rpt=570&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2122792.jpg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
19 KB
19 KB
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122792.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ae7208e6db89989a60daa793981e1cd0f29020b434ad735bd2dea7a704fd5dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:37 GMT
x-content-type-options
nosniff
age
63189
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
19241
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:37 GMT
2122796.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
162 B
212 B
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122796.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59c3fdc9374d441d370c498afc7a42521f902cb7c1d035f7fb4898c3cf5da423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63189
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
151
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:37 GMT
2122797.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
459 B
309 B
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122797.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e45e1d04daf98fd1558c77c1c047c6b83a8b2e148d9bddd93b12d8111ecd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63188
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
248
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122803.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
2 KB
1011 B
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122803.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb935cc05135c50bf5fd1f43b36d19555b6d7429a32a176cbbd9a0333ce666f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63188
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
945
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122804.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
11 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122804.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef8a8ca911c150883a403abc9fb10f0f622b7e5d3604b5efa9de1e3040b49bb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63188
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
2303
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122805.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
4 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122805.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e05904054b6def1b931444c8df632cad0497c74c92e01cdadd2b6c238ddc0b45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63188
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1510
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122806.png
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
132 B
191 B
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122806.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da3cba018faf3b460d8db232de1c521bb23ff53f21d7f904ec8fdca2e95fb50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
x-content-type-options
nosniff
age
63188
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
132
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122807.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
16 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122807.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca4a5654625775ae159b47b98ca6632a7e34940d064455f3ff03d51b5fcc63c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63188
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
6862
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
collect
www.google-analytics.com/
35 B
96 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1650202400&t=event&ni=0&_s=1&dl=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&ul=en-us&de=UTF-8&dt=FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%20%7C%20News%20%7C%20gazette.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=15_seconds&ea=read&_u=aCjACUABBAQCAG~&jid=&gjid=&cid=136574573.1636914153&tid=UA-37551682-1&_gid=873651966.1636914153&gtm=2wgba1MWWFD9&cd1=&cd2=false&cd3=3.155.03.155.0&cd4=editorial&cd5=flex-editorial&cd6=flex&cd8=453&cd9=https%3A%2F%2Fwww.washingtonexaminer.com%2Fnews%2Ffbi-email-system-hacked-send-fake-cyberattack-alerts%3Futm_source%3Dgazette.com%26utm_medium%3Dreferral%26utm_campaign%3Dcsg_news_feed&cd10=article&cd11=b69f7617-d8a7-58f9-ad10-c636fd1b46de&cd12=Asher%20Notheis%2C%20Washington%20Examiner&cd13=Asher%20Notheis%2C%20Washington%20Examiner&cd14=news%2Cus-world%2Cwex&cd15=&cd7=200&z=112533543
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 13:17:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
18333
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
rules-p-tppuzG7fYWxB-.js
rules.quantcount.com/
3 B
439 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-tppuzG7fYWxB-.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ea00:6:44e3:f8c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 04:09:47 GMT
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
age
51181
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:20:00 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
TA-Zp68ZbPOBZUE-Xpo0zlZv3pgmLWxXycUSMAOvY9OnhkUOUIHyOA==
pixel;r=1731226011;rf=0;a=p-tppuzG7fYWxB-;url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html;uht=2;fp...
pixel.quantserve.com/
35 B
210 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1731226011;rf=0;a=p-tppuzG7fYWxB-;url=https%3A%2F%2Fgazette.com%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Farticle_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html;uht=2;fpan=1;fpa=P0-1597766584-1636914167744;pbc=771754d4-59d3-4a50-8ee2-68458d9f0cfe;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=gazette.com;je=0;sr=1600x1200x24;dst=0;et=1636914167743;tzo=0;ogl=type.article%2Curl.https%3A%2F%2Fgazette%252Ecom%2Fnews%2Ffbi-email-system-hacked-to-send-fake-cyberattack-alerts%2Cimage.https%3A%2F%2Fbloximages%252Enewyork1%252Evip%252Etownnews%252Ecom%2Fgazette%252Ecom%2Fcontent%2Ftncms%2Fassets%2Fv3%2Cimage%3Awidth.1120%2Cimage%3Aheight.630%2Ctitle.FBI%20email%20system%20hacked%20to%20send%20fake%20cyberattack%20alerts%2Cdescription.The%20Federal%20Bureau%20of%20Investigation%20announced%20Saturday%20that%20hackers%20had%20compromi%2Csite_name.Colorado%20Springs%20Gazette%2Csection.News
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:47 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
dc_oe=ChMIldeUt7yY9AIVsUL2CB1bxAWGEAAYACD20P1M;met=1;&timestamp=1636914168640;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 3A68
42 B
369 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIldeUt7yY9AIVsUL2CB1bxAWGEAAYACD20P1M;met=1;&timestamp=1636914168640;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 14 Nov 2021 18:22:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
clear
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ Frame
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.216 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://gazette.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Sun, 14 Nov 2021 18:22:50 GMT
content-length
0
track
dc.services.visualstudio.com/v2/
96 B
304 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.216 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
69aa7a31b7109cd6dd898e019a98a1636b51ed41e9b5214630dc765fd74c3ea3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://gazette.com/
Accept-Language
en-GB,en;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
DBE7BE9B-7B51-45A4-BA09-095A5B988193
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 14 Nov 2021 18:22:51 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
61913640e3586.image.jpg
bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/7/ee/7ee688ae-ddf5-50cb-a73e-c74aae9f0705/
3 KB
3 KB
Image
General
Full URL
https://bloximages.newyork1.vip.townnews.com/gazette.com/content/tncms/assets/v3/editorial/7/ee/7ee688ae-ddf5-50cb-a73e-c74aae9f0705/61913640e3586.image.jpg?crop=940%2C940%2C300%2C0&resize=100%2C100&order=crop%2Cresize
Requested by
Host: gazette.com
URL: https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84f2e6a0dadec94c98ea2cc24db4b4312554f05d8248b72c5c9e4042285ac7f4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://gazette.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 18:22:51 GMT
vary
Accept
cf-cache-status
HIT
age
1347
cf-polished
qual=85, origFmt=jpeg, origSize=2963
last-modified
Sun, 14 Nov 2021 16:16:01 GMT
content-disposition
inline; filename="61913640e3586.webp"
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"bd898551bd45f842159d3597b61bd122"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
expires
Mon, 14 Nov 2022 16:17:40 GMT
cache-control
public, max-age=31536000
cf-ray
6ae244834c1c71d2-LHR
cf-bgj
imgq:85,h2pri
2122792.jpg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
19 KB
19 KB
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122792.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ae7208e6db89989a60daa793981e1cd0f29020b434ad735bd2dea7a704fd5dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:37 GMT
x-content-type-options
nosniff
age
63197
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
19241
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:37 GMT
2122796.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
162 B
212 B
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122796.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59c3fdc9374d441d370c498afc7a42521f902cb7c1d035f7fb4898c3cf5da423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63197
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
151
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:37 GMT
2122797.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
459 B
309 B
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122797.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a24e45e1d04daf98fd1558c77c1c047c6b83a8b2e148d9bddd93b12d8111ecd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63196
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
248
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122803.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
2 KB
1011 B
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122803.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7cb935cc05135c50bf5fd1f43b36d19555b6d7429a32a176cbbd9a0333ce666f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63196
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
945
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122804.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
11 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122804.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef8a8ca911c150883a403abc9fb10f0f622b7e5d3604b5efa9de1e3040b49bb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63196
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
2303
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122805.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
4 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122805.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e05904054b6def1b931444c8df632cad0497c74c92e01cdadd2b6c238ddc0b45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63196
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
1510
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122806.png
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
132 B
191 B
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122806.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da3cba018faf3b460d8db232de1c521bb23ff53f21d7f904ec8fdca2e95fb50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
x-content-type-options
nosniff
age
63196
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
132
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT
2122807.svg
s0.2mdn.net/10392302/1636478485799/300x250/images/ Frame 7C24
16 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/10392302/1636478485799/300x250/images/2122807.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10392302/1636478485799/300x250/bannerify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca4a5654625775ae159b47b98ca6632a7e34940d064455f3ff03d51b5fcc63c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10392302/1636478485799/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 14 Nov 2021 00:49:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63196
cross-origin-resource-policy
cross-origin
alt-svc
clear
content-length
6862
x-xss-protection
0
last-modified
Tue, 09 Nov 2021 17:21:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Nov 2021 00:49:38 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJXg7coaKaKa_oU9W9FfOl8&google_cver=1&google_push=AYg5qPILflGm0y6DN6d4zTml3IFDVuGk2ZRHLdfJO3znijmNl0r9T5izM2JSZshV6s2iivdrDsl6usS7WJ-kFyrotkJXmJF6XBvBAQ
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&google_cver=1&google_push=AYg5qPIlV8xjb92SZCExAhLlIo3ihLtQb0Btytb6pTCwd5MrsK9LbmtVcZQDiJB5MQYuaR3c2L-rJEgroe7aKWiBckiFyIOaNYS0&google_gid=CAESEEBXZY455P4zG2TNXCEiRHU
Domain
id.a-mx.com
URL
https://id.a-mx.com/sync/?tagId=&ref=https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&u=https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&v=5.11.0&vg=pbjs&us_privacy=null&gdpr=0&gdpr_consent=
Domain
id.a-mx.com
URL
https://id.a-mx.com/sync/?tagId=&ref=https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&u=https://gazette.com/news/fbi-email-system-hacked-to-send-fake-cyberattack-alerts/article_b69f7617-d8a7-58f9-ad10-c636fd1b46de.html&v=5.11.0&vg=pbjs&us_privacy=null&gdpr=0&gdpr_consent=
Domain
pixel-eu.rubiconproject.com
URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=27&uid=a94ec1c46f1f87cb5c34bd81&gdpr=0&gdpr_consent=
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=27&uid=a94ec1c46f1f87cb5c34bd81&gdpr=0&gdpr_consent=
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZFT7gAAAJTV7ABG
Domain
id5-sync.com
URL
https://id5-sync.com/c/441/349/1/9.gif?puid=61796337130459320960752158014178954622&gdpr=1&gdpr_consent=
Domain
id5-sync.com
URL
https://id5-sync.com/c/441/349/1/9.gif?puid=61796337130459320960752158014178954622&gdpr=1&gdpr_consent=
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=27&uid=a94ec1c46f1f87cb5c34bd81&gdpr=0&gdpr_consent=


333 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


222 Cookies

.ipredictive.com/ Name: cu
Value: d996b4e1-4577-11ec-9d14-fb2c7a265914|1636914159560
pool.admedo.com/ Name: tuuid
Value: 312e0849-472b-4244-874d-2908fbb118e4
pool.admedo.com/ Name: c
Value: 1636914159
pool.admedo.com/ Name: tuuid_lu
Value: 1636914159
.lijit.com/ Name: ljtrtbexp
Value: eJxdkDkSwDAIA%2F%2FiOgWHZSBfy%2BTvuZqgcm28kjmGjl2Xh4gAuQ17MdU8UNtYq7P%2F8J4O7dcQoROVzvEJA5r1GNS6saqiv7hPkpxUKikjnXgSo2cm%2B6iBsa%2BoIeXb51uF8Jfj9%2BdniZQ3aauzOoPmwfuQ3vC8AP1RXJQ%3D
.zeotap.com/ Name: zc
Value: b06e985a-87f2-4a7b-7cb1-1d459992da3a
.zeotap.com/ Name: zsc
Value: %86%BF%03%F31%14%90%A8%FCp%B1%89%9C%E6%9D%1D%7F%D92%E6m%C2%A2%B0%8Bb%CA%B6%84%5E%5C%07%1F4%1A%8C%98%14%C8%CC%AEfsb%9E%C1%2C%91g%C7%D0%0BX%28%10iS~M%D4%1BG%08%05%AF%3A%D4%DF%E9%EA%D0%CD%D8%A5%A5D%B4%EBg%A1XQ%B8
.openx.net/ Name: pd
Value: v2|1636914158.2|fogSj8w0gmmWkivStujofcsHqGgqvWvtmuiyvQsLiSmOgevNomgusfnsn0rFw9gi.vTw2
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.id5-sync.com/ Name: id5
Value: 3bc2df10-32e5-4a9f-9556-00a49ca31da7#1636914149955#1
.tribalfusion.com/ Name: ANON_ID
Value: a0nrAkS3n0hryoxDnS6KwW5ajmKlXtwLlsvVKHBWGLZclGME2ieSfXU5ZaFQ4GaCpiZb4MrvawZbpFbD
.creative-serving.com/ Name: tuuid
Value: ae549f4d-91cb-43ce-ab11-9ad6a8b1d5c9
.creative-serving.com/ Name: c
Value: 1636914160
.creative-serving.com/ Name: tuuid_lu
Value: 1636914160
ads.avct.cloud/ Name: uuid
Value: 6dd0f3b0-f1a0-4869-901e-8cd542e2c5fb
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1636914160
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 974e66315ea5176b68295dbf7d19d07b
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsDQ3STUzMzY0TU00NTQ3SzKzMLI0TUlKM08xtEwxME9iAILEicEfQDQUAABKfQrL"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBInBj8AUhBAQAa8QI2"
.lijit.com/ Name: _ljtrtb_5001
Value: 974e66315ea5176b68295dbf7d19d07b
.outbrain.com/ Name: apnxs
Value: 7056585800145824787
.lijit.com/ Name: ljtrtb
Value: eJwVj8tOAkEQRf%2Bl11ZS1V3VXe1uRIMEIfggkWXPMENAfCCgjMZ%2Ft9jec%2B5N7q8jd%2BlUfSL0jBljEPFE5C4ceUMJJYqKIhKLek6aDAUj1GKMlAkktAUYESF3uQbSjkNpFHPjTeVs7mlyOD13vFusP78tU7GsqsbTu3m6Hu1WVTVYw8dVlOXq3Divf72k4bimyeub397u9Xi82TyOWpn99IPtky7e9w%2BHvr%2BfzsxP0fxGRWrhJVBpEbgrBXJQBYpYZ7JjKOT%2B%2FgGq2Ty0
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjgobvcuOmTOhAFGAEgASgCMgsIrO33ls_pkzoQBTgBWgZndW1ndW1gAg..
.360yield.com/ Name: umeh
Value: !79,0,1699122160,-1!313,0,1699122160,-1
.360yield.com/ Name: um
Value: !79,RLUIWGJAubgDVrMcLy7mE6qLGTX1VOPQ0WN6DYisg6baVgrWmsKwpfkQA83ah5uVjlb3GVG.pLlHNbD3,1644690160!313,RLUIWM1GZkjGgQhxQGPSSRcplsxVSRahFjiS0KT4DAIhAz4xbSjUUoCsE3ladQCRpjInZT7CKsCX.40R,1644690160
.spotxchange.com/ Name: audience
Value: da422b3c-4577-11ec-a9a5-132476d60106
.sportradarserving.com/ Name: zuuid
Value: 5e800d9e-014e-4f5c-bb2c-22fea47ba1b2
.sportradarserving.com/ Name: c
Value: 1636914160
.sportradarserving.com/ Name: zuuid_lu
Value: 1636914160
.aralego.com/ Name: sspid
Value: 323087e2-de4a-365b-80c8-f52ef591edf1
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1636914160
.infolinks.com/ Name: cuid
Value: 30d550f9-5fa4-4d62-898f-6ac406fd05a3
.outbrain.com/ Name: spotx
Value: da422b3c-4577-11ec-a9a5-132476d60106
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~21j6:192u~21j6:18xp~21j6"
.yahoo.com/ Name: APID
Value: UPd9768320-4577-11ec-bad9-020dabedf6f0
.yahoo.com/ Name: APIDTS
Value: 1636914161
.pubmatic.com/ Name: pi
Value: 156872:3
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ea76274b-c6da-485c-adec-d489e345a118-003%22%2C%22nxtrdr%22%3Afalse%7D
.quantserve.com/ Name: d
Value: EOEBGAHcJPijCJiTCuu4EA
.pubmatic.com/ Name: SPugT
Value: 1636914160
.infolinks.com/ Name: OXUSERCOOKIE
Value: 8f2c491c-e380-422b-95fb-975f111f9a96
.cpx.to/ Name: cpSess
Value: 6de212b4809e64c4
.cpx.to/ Name: dsp_app_nexus
Value: 7056585800145824787#1636914161106
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAADvEyGtoZmxmaWhiaGZgbG64igXON7WwNLZcJYYkb2JuskocwTc0NDQGAPHiY1dAAAAA
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-W33f4ItE2uGcaripW7wEXs1C6CraMED.~A~UPd9768320-4577-11ec-bad9-020dabedf6f0
.infolinks.com/ Name: ANUSERCOOKIE
Value: 7056585800145824787
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-mkzxzQ1E2uHquzazAs_kFo4iopkS.4JK7LLL7_I-~A
.casalemedia.com/ Name: CMST
Value: YZFT7mGRU-EA
.casalemedia.com/ Name: CMRUM3
Value: f1619153ee05a0&5a619153f005a0&bc619153f005a00&be619153f005a0&29619153f005a0&c3619153ef2760av-d5a5e59c-ea36-495b-96f6-39df4e9f02ab&41619153f005a0&9c619153f005a00&b0619153f005a00&2d619153ee05a0&ce619153f005a0&bf619153ee05a0&2e619153f005a0&51619153f12760SI3V2UuPiY1T3dzeTovB0RiM3NBTjNXYR9jx4Bdl&49619153f005a0&33619153f005a0&04619153ef27603390519196593366163&6f619153ee05a0&27619153ee0b40&58619153f005a0&40619153f005a0&82619153f02760AAKNLU7DIqgAACi-pB65dg&03619153f005a0&e6619153ee2760
.infolinks.com/ Name: IXUSERCOOKIE
Value: YZFT7mekqH4Urk7gkrt5pgAA&658
.infolinks.com/ Name: R1USERCOOKIE
Value: RX-ea76274b-c6da-485c-adec-d489e345a118-003
.nrich.ai/ Name: _nauid
Value: d5e76e24-1020-42c5-a966-7f47b1fbdf8a
.infolinks.com/ Name: ZMNUSERCOOKIE
Value: ""
.tynt.com/ Name: uid
Value: tns7F2GRU/FCUPKOYBGeXQ==
.infolinks.com/ Name: ZTUSERCOOKIE
Value: 5134455419450933626
.scoota.co/ Name: tuuid
Value: e3745e2f-3bf5-42c9-821b-bd61ff8bee24
.scoota.co/ Name: c
Value: 1636914161
.scoota.co/ Name: tuuid_lu
Value: 1636914161
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: a94ec1c46f1f87cb5c34bd81
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-418307b3-2efe-4ae7-aa7c-feaa2462db53
.pubmatic.com/ Name: PugT
Value: 1636914161
.pubmatic.com/ Name: SyncRTB3
Value: 1637452800%3A223_15%7C1638057600%3A13_54_56_3_220_8_161_71_21_7%7C1638144000%3A35%7C1637712000%3A63
.tapad.com/ Name: TapAd_TS
Value: 1636914161408
.tapad.com/ Name: TapAd_DID
Value: 77604591-6b71-40e7-a3a5-ff2907c816d1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.infolinks.com/ Name: PUBMUSERCOOKIE
Value: 4AC4D667-EFFA-44E4-8780-780E7097946F
.audrte.com/ Name: arcki2
Value: f01Yp7K9r9fTt-SF8mB7CBk8A!20210804!1636914161558
.audrte.com/ Name: arcki2_GDPR-CONSENT
Value: !1!1636914161557
.id5-sync.com/ Name: 3pi
Value: 160#1636914151062#922352679|146#1636914150759#-944847444|19#1636914150880#-760212373#974e66315ea5176b68295dbf7d19d07b|916#1636914150340#-2147415336|340#1636914151144#922352679|441#1636914150027#1679051716|473#1636914151715#1839185571|124#1636914150510#-2147415336|349#1636914151958#922352679|398#1636914151897#271566433|175#1636914151958#271566433
.gazette.com/ Name: _sp_id.52ba
Value: 1d675a9b4f9823b2.1636914152.1.1636914162.1636914152
.doubleclick.net/ Name: DSID
Value: NO_DATA

10 Console Messages

Source Level URL
Text
network error URL: https://s1.ticketm.net/img/tat/cft1/201309/20/295830.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YZFT7mekqH4Urk7gkrt5pgAAApIAAAAB&google_cver=1&google_push=AYg5qPIlV8xjb92SZCExAhLlIo3ihLtQb0Btytb6pTCwd5MrsK9LbmtVcZQDiJB5MQYuaR3c2L-rJEgroe7aKWiBckiFyIOaNYS0&google_gid=CAESEEBXZY455P4zG2TNXCEiRHU
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id5-sync.com/c/441/349/1/9.gif?puid=61796337130459320960752158014178954622&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://id5-sync.com/c/441/349/1/9.gif?puid=61796337130459320960752158014178954622&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security error URL: https://c621573bf6f3ff72575252c860779541.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1(Line 12)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/11932988962522111382/cs2204g0024_122_587153_uk_cs_co_fy22q4w2_oa_bfwarmup_mjsos_300x600.html".
network error URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Message:
Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
