tribuneonlineng.com Open in urlscan Pro
162.159.137.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jankoors.com/click?redirect=https%3A%2F%2Ftribuneonlineng.com%2F&dID=1723465233089&hashId=8504fc6b732f1530a24...
Effective URL:
https://tribuneonlineng.com/
Submission: On August 13 via api (August 13th 2024, 7:11:01 pm UTC) from US — Scanned from CA

Summary HTTP 309 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 79 IPs in 7 countries across 64 domains to perform 309 HTTP transactions. The main IP is 162.159.137.54, located in and belongs to CLOUDFLARENET, US. The main domain is tribuneonlineng.com. The Cisco Umbrella rank of the primary domain is 563963.
TLS certificate: Issued by WE1 on July 18th 2024. Valid for: 3 months.

This is the only time tribuneonlineng.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.215.199.215 3.215.199.215	14618 (AMAZON-AES) (AMAZON-AES)
72	162.159.137.54 162.159.137.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
6	142.250.176.202 142.250.176.202	15169 (GOOGLE) (GOOGLE)
10	142.251.40.232 142.251.40.232	15169 (GOOGLE) (GOOGLE)
4	3.230.247.109 3.230.247.109	14618 (AMAZON-AES) (AMAZON-AES)
8	104.22.63.227 104.22.63.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
14	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
12	185.132.133.134 185.132.133.134	49981 (WORLDSTREAM) (WORLDSTREAM)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
4	104.17.111.223 104.17.111.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.85.61.20 52.85.61.20	16509 (AMAZON-02) (AMAZON-02)
3	18.173.219.66 18.173.219.66	16509 (AMAZON-02) (AMAZON-02)
3	104.18.25.111 104.18.25.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.40.15 104.21.40.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	51.222.39.184 51.222.39.184	16276 (OVH) (OVH)
2	192.184.68.254 192.184.68.254	14618 (AMAZON-AES) (AMAZON-AES)
8	54.155.6.103 54.155.6.103	16509 (AMAZON-02) (AMAZON-02)
1	99.80.30.141 99.80.30.141	16509 (AMAZON-02) (AMAZON-02)
1	34.248.22.168 34.248.22.168	16509 (AMAZON-02) (AMAZON-02)
1	104.22.0.202 104.22.0.202	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.72.99 142.250.72.99	15169 (GOOGLE) (GOOGLE)
7	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	172.67.174.127 172.67.174.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.34.90 13.226.34.90	16509 (AMAZON-02) (AMAZON-02)
2	54.234.151.247 54.234.151.247	14618 (AMAZON-AES) (AMAZON-AES)
1	3.231.69.201 3.231.69.201	14618 (AMAZON-AES) (AMAZON-AES)
1	18.173.132.63 18.173.132.63	16509 (AMAZON-02) (AMAZON-02)
3	23.51.57.13 23.51.57.13	16625 (AKAMAI-AS) (AKAMAI-AS)
6	142.251.40.206 142.251.40.206	15169 (GOOGLE) (GOOGLE)
1	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
1	142.251.40.195 142.251.40.195	15169 (GOOGLE) (GOOGLE)
2 8	68.67.160.184 68.67.160.184	29990 (ASN-APPNEX) (ASN-APPNEX)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	35.244.193.51 35.244.193.51	15169 (GOOGLE) (GOOGLE)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
5	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1	108.138.128.28 108.138.128.28	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	74.119.117.4 74.119.117.4	19750 (AS-CRITEO) (AS-CRITEO)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.65.225 142.250.65.225	15169 (GOOGLE) (GOOGLE)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	142.251.40.161 142.251.40.161	15169 (GOOGLE) (GOOGLE)
1	172.67.70.115 172.67.70.115	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
2 2	207.65.37.184 207.65.37.184	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	54.173.65.180 54.173.65.180	14618 (AMAZON-AES) (AMAZON-AES)
2	74.119.117.17 74.119.117.17	19750 (AS-CRITEO) (AS-CRITEO)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	142.251.40.106 142.251.40.106	15169 (GOOGLE) (GOOGLE)
2 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 1	74.119.117.16 74.119.117.16	19750 (AS-CRITEO) (AS-CRITEO)
1	175.110.113.216 175.110.113.216	49981 (WORLDSTREAM) (WORLDSTREAM)
1	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
3	51.222.239.230 51.222.239.230	16276 (OVH) (OVH)
1	142.251.40.198 142.251.40.198	15169 (GOOGLE) (GOOGLE)
4	175.110.113.200 175.110.113.200	49981 (WORLDSTREAM) (WORLDSTREAM)
1	172.67.75.241 172.67.75.241	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.158.29.13 51.158.29.13	12876 (Online SAS) (Online SAS)
2	208.115.237.110 208.115.237.110	46475 (LIMESTONE...) (LIMESTONENETWORKS)
2	207.65.32.76 207.65.32.76	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	69.173.146.10 69.173.146.10	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.18.23.145 104.18.23.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	35.241.34.106 35.241.34.106	15169 (GOOGLE) (GOOGLE)
1	3.220.246.207 3.220.246.207	14618 (AMAZON-AES) (AMAZON-AES)
2	34.149.50.64 34.149.50.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	74.119.117.9 74.119.117.9	19750 (AS-CRITEO) (AS-CRITEO)
1	23.227.151.194 23.227.151.194	55081 (24SHELLS) (24SHELLS)
2	147.28.129.140 147.28.129.140	54825 (PACKET) (PACKET)
1	54.158.194.159 54.158.194.159	14618 (AMAZON-AES) (AMAZON-AES)
1	104.22.31.209 104.22.31.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.11.176 104.18.11.176	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.208.175.5 3.208.175.5	14618 (AMAZON-AES) (AMAZON-AES)
1 1	23.201.191.176 23.201.191.176	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.203.105.107 23.203.105.107	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
2	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	3.92.156.225 3.92.156.225	14618 (AMAZON-AES) (AMAZON-AES)
1	104.22.30.209 104.22.30.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
309	79

1 3.215.199.215 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-199-215.compute-1.amazonaws.com

jankoors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 162.159.137.54 (None, )

ASN13335 (CLOUDFLARENET, US)

tribuneonlineng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.176.202 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.40.232 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.230.247.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-247-109.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.22.63.227 (None, )

ASN13335 (CLOUDFLARENET, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.65.162 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.81.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.132.133.134 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-132-133-134.hosted-by-worldstream.net

ad.vidverto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.20 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-20.ewr53.r.cloudfront.net

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.219.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-66.jfk52.r.cloudfront.net

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.25.111 (None, )

ASN13335 (CLOUDFLARENET, US)

scaredslip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.40.15 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.themoneytizer.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.222.39.184 (Canada)

ASN16276 (OVH, FR)
PTR: ip184.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.184.68.254 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.155.6.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-6-103.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.30.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-30-141.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.22.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-22-168.eu-west-1.compute.amazonaws.com

metrics.biddertmz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.0.202 (None, )

ASN13335 (CLOUDFLARENET, US)

www.podbean.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.72.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.174.127 (United States)

ASN13335 (CLOUDFLARENET, US)

tmzr.themoneytizer.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-90.ewr53.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.231.69.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-69-201.compute-1.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-63.jfk52.r.cloudfront.net

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.51.57.13 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-13.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.40.206 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.195 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 68.67.160.184 (Colonia, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.65.225 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f1.1e100.net

1a08b1c9f79476043ccc2fc824018eb4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.161 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.70.115 (United States)

ASN13335 (CLOUDFLARENET, US)

lib.wtg-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.66 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.65.37.184 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.173.65.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-65-180.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.117.17 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.106 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.16 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 175.110.113.216 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-216.hosted-by-worldstream.net

ad.vidver.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.198 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 175.110.113.200 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-200.hosted-by-worldstream.net

cdn.vidverto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.241 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.158.29.13 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: online-prod.ipsfailover.com

kvt.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.115.237.110 (Los Angeles, United States)

ASN46475 (LIMESTONENETWORKS, US)
PTR: 110-237-115-208.static.reverse.lstn.net

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.65.32.76 (United States)

ASN62713 (AS-PUBMATIC, US)

prebid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.146.10 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.23.145 (None, )

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.241.34.106 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 106.34.241.35.bc.googleusercontent.com

c.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.246.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-246-207.compute-1.amazonaws.com

1x1.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.117.9 (United States)

ASN19750 (AS-CRITEO, US)

grid-bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.151.194 (Piscataway, United States)

ASN55081 (24SHELLS, US)

ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.28.129.140 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.194.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-194-159.compute-1.amazonaws.com

bid.missena.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.31.209 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.176 (None, )

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.175.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-175-5.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.191.176 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-191-176.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.105.107 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-105-107.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.108 (San Francisco, United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.92.156.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-225.compute-1.amazonaws.com

sync.missena.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.30.209 (None, )

ASN13335 (CLOUDFLARENET, US)

csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.127 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1h.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	tribuneonlineng.com tribuneonlineng.com — Cisco Umbrella Rank: 563963	581 KB
20	wp.com c0.wp.com — Cisco Umbrella Rank: 12302 stats.wp.com — Cisco Umbrella Rank: 4519 i0.wp.com — Cisco Umbrella Rank: 5176 pixel.wp.com — Cisco Umbrella Rank: 4225	94 KB
16	vidverto.io ad.vidverto.io — Cisco Umbrella Rank: 36449 cdn.vidverto.io — Cisco Umbrella Rank: 48573	368 KB
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 1a08b1c9f79476043ccc2fc824018eb4.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 203	368 KB
15	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 stats.g.doubleclick.net — Cisco Umbrella Rank: 252 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 363	199 KB
10	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 383 secure.adnxs.com — Cisco Umbrella Rank: 764 acdn.adnxs.com — Cisco Umbrella Rank: 961	27 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	470 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 imasdk.googleapis.com — Cisco Umbrella Rank: 588	150 KB
8	cpx.to p.cpx.to — Cisco Umbrella Rank: 16638 s.cpx.to — Cisco Umbrella Rank: 12865	11 KB
8	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 44209	49 KB
7	pubmatic.com 2 redirects ads.pubmatic.com — Cisco Umbrella Rank: 855 image2.pubmatic.com — Cisco Umbrella Rank: 1373 prebid.pubmatic.com — Cisco Umbrella Rank: 98606	143 KB
7	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1081	1 KB
6	4dex.io script.4dex.io — Cisco Umbrella Rank: 3230 mp.4dex.io — Cisco Umbrella Rank: 3652 Failed c.4dex.io — Cisco Umbrella Rank: 7474	24 KB
6	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 555 fastlane.rubiconproject.com — Cisco Umbrella Rank: 780 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1494 eus.rubiconproject.com — Cisco Umbrella Rank: 948	2 KB
6	powerad.ai powerad.ai — Cisco Umbrella Rank: 44402 reporting.powerad.ai — Cisco Umbrella Rank: 50443	50 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3664 google-bidout-d.openx.net — Cisco Umbrella Rank: 3568 rtb.openx.net — Cisco Umbrella Rank: 920 Failed u.openx.net — Cisco Umbrella Rank: 1176	864 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
4	gstatic.com fonts.gstatic.com	759 KB
4	criteo.com gum.criteo.com — Cisco Umbrella Rank: 553 Failed dis.criteo.com — Cisco Umbrella Rank: 1058 grid-bidder.criteo.com — Cisco Umbrella Rank: 11736 Failed	978 B
4	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 5708 onesignal.com — Cisco Umbrella Rank: 1415	82 KB
3	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 998 Failed eb2.3lift.com — Cisco Umbrella Rank: 632	1 KB
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1162 Failed 1x1.a-mo.net — Cisco Umbrella Rank: 4564	1 KB
3	themoneytizer.fr cdn.themoneytizer.fr — Cisco Umbrella Rank: 56207 tmzr.themoneytizer.fr — Cisco Umbrella Rank: 52126	141 KB
3	scaredslip.com scaredslip.com — Cisco Umbrella Rank: 117720	25 KB
3	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 5576	46 KB
2	missena.io bid.missena.io — Cisco Umbrella Rank: 70254 sync.missena.io — Cisco Umbrella Rank: 89649	268 B
2	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 5898 Failed csync.smilewanted.com — Cisco Umbrella Rank: 4588	334 B
2	zemanta.com b1h.zemanta.com — Cisco Umbrella Rank: 9129 Failed	931 B
2	seedtag.com s.seedtag.com — Cisco Umbrella Rank: 2961 Failed	935 B
2	richaudience.com shb.richaudience.com — Cisco Umbrella Rank: 4920 sync.richaudience.com Failed	467 B
2	sddan.com kvt.sddan.com — Cisco Umbrella Rank: 34782	3 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 499	895 B
2	crwdcntrl.net id.crwdcntrl.net Failed tags.crwdcntrl.net — Cisco Umbrella Rank: 1256 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296	13 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 645	2 KB
2	33across.com 1 redirects lexicon.33across.com — Cisco Umbrella Rank: 2352 cdn-ima.33across.com Failed ssc-cms.33across.com Failed	600 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 505	568 B
2	google.com analytics.google.com — Cisco Umbrella Rank: 238
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2337 pixel.quantserve.com — Cisco Umbrella Rank: 1616	10 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 2483	239 B
1	adtelligent.com ghb.adtelligent.com Failed ghb1.adtelligent.com — Cisco Umbrella Rank: 12563	2 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 449	17 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	1 KB
1	vidver.to ad.vidver.to — Cisco Umbrella Rank: 62254	154 B
1	wtg-ads.com lib.wtg-ads.com — Cisco Umbrella Rank: 71937	21 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1187	279 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 3616	1 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 992	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2913	8 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 9677	63 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 1040	478 B
1	zprk.io pixel.zprk.io — Cisco Umbrella Rank: 19690	3 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 2075	1 KB
1	podbean.com www.podbean.com — Cisco Umbrella Rank: 107942
1	biddertmz.com metrics.biddertmz.com — Cisco Umbrella Rank: 50565
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 37998	859 B
1	quantcast.com 1 redirects cmp.quantcast.com — Cisco Umbrella Rank: 11971	605 B
1	jankoors.com 1 redirects jankoors.com	628 B
0	1rx.io Failed sync.1rx.io Failed
0	adpartner.pro Failed a4p.adpartner.pro Failed
0	mediarithmics.com Failed cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 6873 Failed
0	amazon-adsystem.com Failed c.amazon-adsystem.com Failed
0	brainlyads.com Failed hb.brainlyads.com Failed
0	sascdn.com Failed ced.sascdn.com Failed
0	instagram.com Failed www.instagram.com Failed
309	64

	Domain	Requested by
72	tribuneonlineng.com	tribuneonlineng.com
14	pagead2.googlesyndication.com	tribuneonlineng.com pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
12	ad.vidverto.io	tribuneonlineng.com ad.vidverto.io
11	c0.wp.com	tribuneonlineng.com
10	www.googletagmanager.com	tribuneonlineng.com powerad.ai www.googletagmanager.com
8	securepubads.g.doubleclick.net	tribuneonlineng.com securepubads.g.doubleclick.net pagead2.googlesyndication.com imasdk.googleapis.com
8	ads.themoneytizer.com	tribuneonlineng.com tmzr.themoneytizer.fr
7	i0.wp.com	tribuneonlineng.com
7	onetag-sys.com	ads.themoneytizer.com ad.vidverto.io tmzr.themoneytizer.fr
6	s.cpx.to	p.cpx.to tribuneonlineng.com
6	ib.adnxs.com	p.cpx.to tmzr.themoneytizer.fr
6	fonts.googleapis.com	tribuneonlineng.com pagead2.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	c.4dex.io	tmzr.themoneytizer.fr
4	cdn.vidverto.io	tribuneonlineng.com
4	imasdk.googleapis.com	ad.vidverto.io imasdk.googleapis.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fonts.gstatic.com	fonts.googleapis.com ad.vidverto.io
4	powerad.ai	tribuneonlineng.com powerad.ai
3	ads.pubmatic.com	tribuneonlineng.com tmzr.themoneytizer.fr
3	scaredslip.com	tribuneonlineng.com scaredslip.com
3	cmp.inmobi.com	tribuneonlineng.com cmp.quantcast.com cmp.inmobi.com
2	acdn.adnxs.com	tmzr.themoneytizer.fr
2	eb2.3lift.com	1 redirects tmzr.themoneytizer.fr
2	eus.rubiconproject.com	script.4dex.io tmzr.themoneytizer.fr
2	prebid.a-mo.net	tmzr.themoneytizer.fr
2	fastlane.rubiconproject.com	tmzr.themoneytizer.fr
2	b1h.zemanta.com	tmzr.themoneytizer.fr tribuneonlineng.com
2	prebid.pubmatic.com	tmzr.themoneytizer.fr
2	s.seedtag.com	tmzr.themoneytizer.fr tribuneonlineng.com
2	shb.richaudience.com	tmzr.themoneytizer.fr
2	kvt.sddan.com	tmzr.themoneytizer.fr
2	x.bidswitch.net	2 redirects
2	oajs.openx.net	1 redirects tribuneonlineng.com
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	id5-sync.com	tmzr.themoneytizer.fr
2	lexicon.33across.com	1 redirects tribuneonlineng.com
2	match.adsrvr.org	p.cpx.to
2	analytics.google.com	www.googletagmanager.com
2	onesignal.com	cdn.onesignal.com
2	reporting.powerad.ai	powerad.ai
2	p.cpx.to	ads.themoneytizer.com powerad.ai
2	gum.criteo.com	ads.themoneytizer.com tmzr.themoneytizer.fr static.criteo.net
2	cdn.themoneytizer.fr	ads.themoneytizer.com
2	cdn.onesignal.com	tribuneonlineng.com cdn.onesignal.com
1	csync.smilewanted.com	tmzr.themoneytizer.fr
1	sync.missena.io	tmzr.themoneytizer.fr
1	u.openx.net	tmzr.themoneytizer.fr
1	secure-assets.rubiconproject.com	1 redirects
1	bid.missena.io	tmzr.themoneytizer.fr
1	ghb1.adtelligent.com	tmzr.themoneytizer.fr
1	1x1.a-mo.net	tmzr.themoneytizer.fr
1	cadmus.script.ac	script.4dex.io
1	grid-bidder.criteo.com	tmzr.themoneytizer.fr
1	tlx.3lift.com	tmzr.themoneytizer.fr
1	mp.4dex.io	tmzr.themoneytizer.fr
1	rtb.openx.net	tmzr.themoneytizer.fr
1	prebid.smilewanted.com	tmzr.themoneytizer.fr
1	script.4dex.io	tmzr.themoneytizer.fr
1	s0.2mdn.net	imasdk.googleapis.com
1	cdn.jsdelivr.net	ad.vidverto.io
1	ad.vidver.to	tribuneonlineng.com
1	dis.criteo.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	tribuneonlineng.com
1	lib.wtg-ads.com	securepubads.g.doubleclick.net
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	lb.eu-1-id5-sync.com	tmzr.themoneytizer.fr
1	pixel.quantserve.com	tribuneonlineng.com
1	1a08b1c9f79476043ccc2fc824018eb4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	www.google.ca	tribuneonlineng.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.adsafeprotected.com	tribuneonlineng.com
1	pixel.wp.com	tribuneonlineng.com
1	pixel.zprk.io	powerad.ai
1	rules.quantcount.com	secure.quantserve.com
1	tmzr.themoneytizer.fr	ads.themoneytizer.com
1	www.podbean.com	tribuneonlineng.com
1	metrics.biddertmz.com	ads.themoneytizer.com
1	adtrack.adleadevent.com	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	cmp.quantcast.com	1 redirects
1	stats.wp.com	tribuneonlineng.com
1	jankoors.com	1 redirects
0	sync.1rx.io Failed
0	ssc-cms.33across.com Failed	script.4dex.io
0	sync.richaudience.com Failed	tmzr.themoneytizer.fr
0	ghb.adtelligent.com Failed	tmzr.themoneytizer.fr
0	a4p.adpartner.pro Failed	tribuneonlineng.com
0	cdn-ima.33across.com Failed	securepubads.g.doubleclick.net
0	cookie-matching.mediarithmics.com Failed	tribuneonlineng.com
0	id.crwdcntrl.net Failed	tmzr.themoneytizer.fr
0	c.amazon-adsystem.com Failed	ads.themoneytizer.com
0	hb.brainlyads.com Failed	powerad.ai tribuneonlineng.com
0	ced.sascdn.com Failed	ads.themoneytizer.com
0	www.instagram.com Failed	tribuneonlineng.com
309	103

This site contains links to these domains. Also see Links.

Domain
sportingtribune.com
web.facebook.com
twitter.com
instagram.com
www.youtube.com
t.me
whatsapp.com
vidverto.io
www.instagram.com
www.tribuneonlineng.com

Subject Issuer	Validity	Valid
tribuneonlineng.com WE1	`2024-07-18` - `2024-10-16`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
powerad.ai Amazon RSA 2048 M03	`2024-04-28` - `2025-05-28`	a year	crt.sh
ads.themoneytizer.com WE1	`2024-07-08` - `2024-10-06`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
ad.vidverto.io R10	`2024-06-18` - `2024-09-16`	3 months	crt.sh
onesignal.com WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
scaredslip.com E6	`2024-07-07` - `2024-10-05`	3 months	crt.sh
themoneytizer.fr WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
quantserve.com R10	`2024-06-24` - `2024-09-22`	3 months	crt.sh
p.cpx.to Amazon RSA 2048 M03	`2024-04-24` - `2025-05-23`	a year	crt.sh
*.adleadevent.com Amazon RSA 2048 M02	`2024-05-27` - `2025-06-26`	a year	crt.sh
metrics.biddertmz.com R10	`2024-07-22` - `2024-10-20`	3 months	crt.sh
podbean.com E5	`2024-07-13` - `2024-10-11`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2023-08-13` - `2024-09-13`	a year	crt.sh
*.zprk.io Amazon RSA 2048 M03	`2023-09-19` - `2024-10-17`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.ca WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2024-07-31` - `2025-07-31`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.id5-sync.com E6	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
oa.openxcdn.net WR3	`2024-07-18` - `2024-10-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-27` - `2024-09-24`	3 months	crt.sh
invstatic101.creativecdn.com WR3	`2024-06-18` - `2024-09-16`	3 months	crt.sh
*.eu-1-id5-sync.com R10	`2024-07-01` - `2024-09-29`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
wtg-ads.com WE1	`2024-07-24` - `2024-10-22`	3 months	crt.sh
s.cpx.to Amazon RSA 2048 M02	`2024-04-24` - `2025-05-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cdn.vidverto.io R11	`2024-06-18` - `2024-09-16`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
kvt.sddan.com R11	`2024-08-03` - `2024-11-01`	3 months	crt.sh
*.richaudience.com RapidSSL TLS RSA CA G1	`2024-02-14` - `2025-02-25`	a year	crt.sh
script.ac E6	`2024-06-23` - `2024-09-21`	3 months	crt.sh
c.4dex.io WR3	`2024-06-22` - `2024-09-20`	3 months	crt.sh
*.a-mo.net Amazon RSA 2048 M02	`2024-05-21` - `2025-06-19`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-22` - `2025-04-22`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2024-07-28` - `2024-10-26`	3 months	crt.sh
*.missena.io Amazon RSA 2048 M02	`2024-07-11` - `2025-08-08`	a year	crt.sh
smilewanted.com WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
mp.4dex.io WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-10`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh

This page contains 35 frames:

Primary Page: https://tribuneonlineng.com/
Frame ID: 3D23DBDC72A63CB69D58A52B1AD42471
Requests: 271 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7b2ec27f127242e&cb=1723576231199
Frame ID: 65DBB91FC1A9D7D2F8369AF0C6FE2D4B
Requests: 1 HTTP requests in this frame

Frame: https://www.podbean.com/player-v2/?i=fpzpa-f1c6c7-pbblog-playlist&share=1&download=1&rtl=0&fonts=Arial&skin=c73a3a&font-color=&logo_link=episode_page&order=episodic&limit=10&filter=all&ss=a713390a017602015775e868a2cf26b0&btn-skin=666666&size=480
Frame ID: 8872F993543B637872271015A044D747
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Frame ID: 0BA0113D89EE214A9C688A2756FA83A9
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js
Frame ID: 33C7C7EDF4FF1AD2899F6C997D0B161A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240812/r20110914/zrt_lookup_fy2021.html
Frame ID: 1D397482779225C1D265FCDE613D5928
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1896573800096815&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1723575898&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Ftribuneonlineng.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=29_18~32_18~27_9~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723576231637&bpp=14&bdt=1129&idt=300&shv=r20240812&mjsv=m202408070101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6512033505913&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084127%2C31085989%2C95334526%2C95334829%2C95337869%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=854555491355164&tmod=1159989176&uas=0&nvt=1&fsapi=1&fc=1920&brdim=490%2C490%2C490%2C490%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=4825
Frame ID: D7C25279F7420581D47989B0835B646D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1896573800096815&output=html&h=90&slotname=5290815155&adk=880807324&adf=1011185357&pi=t.ma~as.5290815155&w=728&abgtt=6&lmt=1723575898&format=728x90&url=https%3A%2F%2Ftribuneonlineng.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723576231637&bpp=19&bdt=1128&idt=465&shv=r20240812&mjsv=m202408070101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6512033505913&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=22&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084127%2C31085989%2C95334526%2C95334829%2C95337869%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=854555491355164&tmod=1159989176&uas=0&nvt=1&fc=1920&brdim=490%2C490%2C490%2C490%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=4834
Frame ID: 9CFEE13B0396AEB04397FDDB68146821
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1896573800096815&output=html&h=280&slotname=9368067099&adk=1609742274&adf=1774269289&pi=t.ma~as.9368067099&w=754&abgtt=6&fwrn=4&fwrnh=100&lmt=1723575898&rafmt=1&format=754x280&url=https%3A%2F%2Ftribuneonlineng.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723576231637&bpp=2&bdt=1129&idt=485&shv=r20240812&mjsv=m202408070101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6512033505913&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=5027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084127%2C31085989%2C95334526%2C95334829%2C95337869%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=854555491355164&tmod=1159989176&uas=0&nvt=1&fc=1920&brdim=490%2C490%2C490%2C490%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4843
Frame ID: 59C38F4B758E3CBB59D1136D3B313490
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: BA2412665BE93AA04508C111DF0A4D31
Requests: 1 HTTP requests in this frame

Frame: https://1a08b1c9f79476043ccc2fc824018eb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 552526497A91810C9FB6FF02FE8481AA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPTZ0W2fxHE3r7R1Ce4FxwK2uns1t38Ck8JliD3KG2X937afIZB9BXBo4yaSfIUhKRWB2MmFlcTqkxbLaQNJSikS9yWSeFE8osXUb5TH4YgY6c-Xju1RE-o03p_Wi7sAkrbalXeyOeKbOIjiLiVA4YpwbAbPTIFYp4xFfJ5cLgZ7BfVmrqhr8FeAHQOki2_JnYVDbNAMaa8CurjFrOt1z50Ve3CsJbwkzp1xWE4BhH-YIBo3A2IMRvkTsBR07m0JUnVhXBiHc9OGqOSTuxcPLgRE0oYiUzLJHSMEtca9p5arIAjfAdx71IQMPbQxjCTUxBXxYIXdcLZAw8Cuo8HaY&sai=AMfl-YRLh8Cx-UiJ7S_7afLDw9sbPclOA8jXIFZMh53rtNBfBZDXxF3bbwwGA7n--NjuTf-JtdGP-iy9_yg6uIEKOKMD2ggEftpisLH75fd-oOqHwo5q4r_VxwQNn9ZX0xY8o1ImCyB5Jzes3u69Mj3Ddzvr&sig=Cg0ArKJSzMyM_DDq9gBsEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6E42E20587BFD552B99264F3BD15C735
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240812/r20110914/zrt_lookup_fy2021.html
Frame ID: B7C06E2A4BB69AAE063B4D55DE55A9E7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=tribuneonlineng.com&gdpr=0&gdpr_consent=
Frame ID: 49002A53466B79DEF445897CE8C0AF06
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: E7F7ECE075E1E03F35CC23F19B0C4BD8
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 8A8FCE8805CF08AA302FD281F2C08306
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.658.1_en.html
Frame ID: A8E6D5CAAFCC1576C80CC4AF8FBCF172
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6418081BEAF108F8F13124B66280760C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.658.1_en.html
Frame ID: C0AD1B5C8A6828B4D87984FC20EC14CB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A5A36C3B47F59531A5502C0BE40BFADC
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1723576251182&us_privacy=1---
Frame ID: C3E69A4AC2B6023849B4AD3225E32830
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: F25CDA473F805EB9989C419D2330BEA5
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 6D0DC33ADF755490058AE746FC4819C8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0E754EBDC7454CA08DAC1D7F8F473C9E
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Frame ID: 39A18B7AB052999202C578B6030EB3A6
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: E0CDFC515A5E5FE625BC90DB5FEA52EC
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Frame ID: 35CBCC183351D61CDCDCED3B849D1CA7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=tribuneonlineng.com&gpp=
Frame ID: C242682D0A0A05902D12C4ABFEC0E2C6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 61297F1B1537DA78C982364418337166
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 1BDF0C83B9179286EA00B75A64CCEE00
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3260559442
Frame ID: 8E76D425BB2BDC9C34775C1D22B01A08
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1723576254105&gdpr=0
Frame ID: 32372BB50B6851B4E76EF7E1E39ADC2B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161784&gdpr=0&gdpr_consent=
Frame ID: A57777FA9B8412744724D3F14F649837
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C1939BD959893BA4CB029A4F2053830C
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26it%3Dadg-pb-clt%26uid%3D33XUSERID33X
Frame ID: 21BA0A78CCF8DF9BAE0562BEE71FF08A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Breaking News, Latest News, Politics, Entertainment - Tribune Online

Page URL History Show full URLs

https://jankoors.com/click?redirect=https%3A%2F%2Ftribuneonlineng.com%2F&dID=1723465233089&hashId... HTTP 301
https://tribuneonlineng.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

309
Requests

89 %
HTTPS

0 %
IPv6

64
Domains

103
Subdomains

79
IPs

7
Countries

3711 kB
Transfer

11125 kB
Size

101
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://sportingtribune.com/
Title: SPORTING TRIBUNE

Search URL Search Domain Scan URL

URL: https://web.facebook.com/NigerianTribune/

Search URL Search Domain Scan URL

URL: https://twitter.com/nigeriantribune

Search URL Search Domain Scan URL

URL: https://instagram.com/tribuneonlineng

Search URL Search Domain Scan URL

URL: https://www.youtube.com/NigerianTribuneTV

Search URL Search Domain Scan URL

URL: https://t.me/%20PzWY-NZ7kNg3MTBk

Search URL Search Domain Scan URL

URL: https://whatsapp.com/channel/0029VaAVWVPChq6Tp9D1mC3w

Search URL Search Domain Scan URL

URL: https://vidverto.io/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@NigerianTribuneTV/videos
Title: Tribune Video

Search URL Search Domain Scan URL

URL: https://www.instagram.com/reel/C-nQfVKsdEA/?utm_source=ig_embed&utm_campaign=loading
Title: View this post on Instagram

Search URL Search Domain Scan URL

URL: https://www.tribuneonlineng.com/category/capital-market/
Title: Capital Market

Search URL Search Domain Scan URL

URL: https://www.tribuneonlineng.com/category/money-market/
Title: Money Market

Search URL Search Domain Scan URL

URL: https://www.tribuneonlineng.com/category/economy/
Title: Economy

Search URL Search Domain Scan URL

URL: https://www.tribuneonlineng.com/category/friday-treat/
Title: Friday Treat

Search URL Search Domain Scan URL

URL: https://www.tribuneonlineng.com/category/entertainment/
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://www.tribuneonlineng.com/category/razzmatazz/
Title: Razzmattaz

Search URL Search Domain Scan URL

URL: https://www.tribuneonlineng.com/category/xquisite/
Title: Xquisite

Search URL Search Domain Scan URL

URL: https://www.tribuneonlineng.com/category/xquisite-food/
Title: Xquisite Food

Search URL Search Domain Scan URL

URL: https://www.tribuneonlineng.com/category/xquisite-style/
Title: Xquisite Style

Search URL Search Domain Scan URL

URL: https://www.tribuneonlineng.com/category/wondrous-world-of-women/
Title: Wondrous World of Women

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://jankoors.com/click?redirect=https%3A%2F%2Ftribuneonlineng.com%2F&dID=1723465233089&hashId=8504fc6b732f1530a243d017e499caa92205843f29c203755be0043f507518d6f3bc2f&linkName=tribuneonlineng.com HTTP 301
https://tribuneonlineng.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js

Request Chain 89

https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP 301
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2

Request Chain 170

https://lexicon.33across.com/v1/envelope?pid=0015a00002vNEdMAAW&gdpr=0&src=pbjs&ver=9.6.0&coppa=0 HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0015a00002vNEdMAAW&gdpr=0&src=pbjs&ver=9.6.0&coppa=0&b=1&tp=v7zbkoDDuI3jll7CqTfWZon%2BxCVkGGw1mivFCzByIf4%3D

Request Chain 174

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/108/8/2.gif?puid=f823ad8f-b904-4d9c-a7f9-3e9a76a7aa0f&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=e4210c60-f630-43f1-8369-19aebd26c953&ttl=%%TTL%% HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F6%2F4.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/2/6/4.gif?puid=123673216718909832&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/112/5/5.gif?puid=9AF328FFE81DBCD8&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F104%2F4%2F6.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F104%2F4%2F6.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/104/4/6.gif?puid=d8361303-31de-442c-b1be-bdae2ea5e13b&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/3/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/3/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/19/3/7.gif?puid=67ad370226cb58eefe387de7635c29ca&gdpr=0&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
https://s.cpx.to/sync?dsp_uid=CAESEKnmSmhoeeDoKUrvqKK5yOQ&dsp=dbm&google_cver=1

Request Chain 209

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12761%26url%3Dhttps%253A%252F%252Ftribuneonlineng.com%252F%26hn_ver%3D78%26fid%3Dd83b5b4e-69ee-4822-ab6a-444ca6bebd3f%26dsp%3DTTD%26dsp_uid%3De4210c60-f630-43f1-8369-19aebd26c953 HTTP 302
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=123673216718909832&pid=12761&url=https%3A%2F%2Ftribuneonlineng.com%2F&hn_ver=78&fid=d83b5b4e-69ee-4822-ab6a-444ca6bebd3f&dsp=TTD&dsp_uid=e4210c60-f630-43f1-8369-19aebd26c953

Request Chain 210

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=F47D6B2C-F4EF-45EF-9038-3E27D3A4AE85

Request Chain 211

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12967%26url%3Dhttps%253A%252F%252Ftribuneonlineng.com%252F%26hn_ver%3D78%26fid%3Dde8933c8-f168-4972-bbac-f02c00774446%26dsp%3DTTD%26dsp_uid%3De4210c60-f630-43f1-8369-19aebd26c953 HTTP 302
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=123673216718909832&pid=12967&url=https%3A%2F%2Ftribuneonlineng.com%2F&hn_ver=78&fid=de8933c8-f168-4972-bbac-f02c00774446&dsp=TTD&dsp_uid=e4210c60-f630-43f1-8369-19aebd26c953

Request Chain 216

https://oajs.openx.net/esp?url=https%3A%2F%2Ftribuneonlineng.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Ftribuneonlineng.com%2F&rid=esp&cc=1

Request Chain 230

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=&gdpr=0&gdpr_consent= HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-IddJIUD_yLeaWMX1P6rFCimfcn-8ZEgOwfL95g&gdpr=0&gdpr_consent= HTTP 302
https://ad.vidver.to/delivery/v2/sync?userid=d8361303-31de-442c-b1be-bdae2ea5e13b&p_id=15

Request Chain 295

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west

Request Chain 298

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 310

https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent= HTTP 302
https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&s=2

Request Chain 312

https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26it%3Dadg-pb-clt%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26it%3Dadg-pb-clt%26uid%3D%5BRX_UUID%5D&cb=1723576261603 HTTP 302
https://ad.turn.com/r/cs?pid=45&id=RX-6bdbbc12-65c3-46bc-8e44-bba3239536b8-005&rndcb=3449352682 HTTP 302
https://sync.1rx.io/usersync/turn/3766647541711484429?dspret=1&gdpr=&gdpr_consent=&us_privacy=

309 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
tribuneonlineng.com/
Redirect Chain

https://jankoors.com/click?redirect=https%3A%2F%2Ftribuneonlineng.com%2F&dID=1723465233089&hashId=8504fc6b732f1530a243d017e499caa92205843f29c203755be0043f507518d6f3bc2f&linkName=tribuneonlineng.com
https://tribuneonlineng.com/

523 KB
78 KB

730ms
146ms

Document
text/html

162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c036c9684430ac39b057e5166f94178309ee7eddea08c858d234c9472bf2c581

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 332
alt-svc: h3=":443"; ma=86400
cache-provider: CLOUDWAYS-CACHE-DE
cf-cache-status: DYNAMIC
cf-ray: 8b2b016e8adca1da-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 13 Aug 2024 19:10:30 GMT
last-modified: Tue, 13 Aug 2024 19:04:58 GMT
server: cloudflare
vary: Accept-Encoding
x-cache: HIT

Redirect headers

Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With, XMLHttpRequest, x-csrf-token
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Aug 2024 19:10:29 GMT
Location: https://tribuneonlineng.com/
Server: nginx
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.3.33
X-XSS-Protection: 1; mode=block
expires: -1
pragma: no-cache

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.6.1/wp-includes/js/mediaelement/ 11 KB
3 KB 471ms
28ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.6.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 13 Aug 2025 19:10:30 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.6.1/wp-includes/js/mediaelement/ 4 KB
1 KB 468ms
26ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.6.1/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 13 Aug 2025 19:10:30 GMT

GET
H2 200 plugin.css
tribuneonlineng.com/wp-content/plugins/jnews-video/assets/css/ 29 KB
5 KB 66ms
43ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/jnews-video/assets/css/plugin.css?ver=11.0.5
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68725762f8658ebd5c28f53a5098b47fba547f7ae685ac1d1d0bfb19e029a25b

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 May 2024 06:42:00 GMT
server: cloudflare
age: 413388
etag: W/"66348738-72c6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0170fc90a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 pff-paystack-style.css
tribuneonlineng.com/wp-content/plugins/payment-forms-for-paystack/public/css/ 57 KB
9 KB 64ms
43ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/payment-forms-for-paystack/public/css/pff-paystack-style.css?ver=2.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b095330c0560e721eb90024150bd15e5ef5aef2aa03aa2a5ad08743e66ba86d

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 13 Jun 2023 23:18:53 GMT
server: cloudflare
age: 413388
etag: W/"6488f95d-e5dd"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0170fc91a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 font-awesome.min.css
tribuneonlineng.com/wp-content/plugins/payment-forms-for-paystack/public/css/ 21 KB
5 KB 69ms
48ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/payment-forms-for-paystack/public/css/font-awesome.min.css?ver=2.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7a0fcb6dc2faf553d3093b228519114b09d538dde82fcea861a90635aae4363

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 13 Jun 2023 23:18:53 GMT
server: cloudflare
age: 413388
etag: W/"6488f95d-55e0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0170fc92a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
tribuneonlineng.com/wp-content/themes/jnews/ 427 B
387 B 65ms
44ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/style.css?ver=6.6.1
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 860b7564f614589710c7af01ded046938f904f58dfb900e1f98c1942ce81b99e

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-1ab"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0170fc93a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 frontend-lite.min.css
tribuneonlineng.com/wp-content/plugins/elementor/assets/css/ 207 KB
23 KB 64ms
44ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.23.3
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac23176b7f4dd09a1c12457fa8fcdf5e46734c8cb7f0c3925f5f3d51544bc0d3

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jul 2024 13:31:25 GMT
server: cloudflare
age: 413388
etag: W/"66aa3cad-33c98"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0170fc94a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 elementor-icons.min.css
tribuneonlineng.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 67ms
47ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.30.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1de196d21cc8c1648dd4f77219c6e0d3d8660fcef059a2c6159bc023906398

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jul 2024 13:31:25 GMT
server: cloudflare
age: 413461
etag: W/"66aa3cad-4d6c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0170fc95a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 swiper.min.css
tribuneonlineng.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/ 16 KB
5 KB 66ms
47ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jul 2024 13:31:25 GMT
server: cloudflare
age: 413461
etag: W/"66aa3cad-4057"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0170fc96a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 post-635565.css
tribuneonlineng.com/wp-content/uploads/elementor/css/ 1 KB
468 B 64ms
45ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/uploads/elementor/css/post-635565.css?ver=1722434288
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbdf1cd6d180a0c59bf9068bb444126e7c6f9debecfbd3b20b99e8e41d83d1cb

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jul 2024 13:58:08 GMT
server: cloudflare
age: 413461
etag: W/"66aa42f0-458"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0170fc98a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 global.css
tribuneonlineng.com/wp-content/uploads/elementor/css/ 9 KB
912 B 65ms
45ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/uploads/elementor/css/global.css?ver=1722434288
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60e3083dd987ec50c560bf8219fd9dfb1a6f3b546c405be9218448f7e0bb9368

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jul 2024 13:58:08 GMT
server: cloudflare
age: 413461
etag: W/"66aa42f0-2503"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0170fc9aa1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 post-692147.css
tribuneonlineng.com/wp-content/uploads/elementor/css/ 316 B
249 B 67ms
48ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/uploads/elementor/css/post-692147.css?ver=1722434288
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6787a8da30534fa00a1a1d27503c041922b243f601f3ede51dc2598c9ceef3a8

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jul 2024 13:58:08 GMT
server: cloudflare
age: 413461
etag: W/"66aa42f0-13c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0170fc9ba1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 font-awesome.min.css
tribuneonlineng.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 30 KB
7 KB 82ms
63ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jul 2024 13:31:25 GMT
server: cloudflare
age: 413388
etag: W/"66aa3cad-7917"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01711ca8a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 jegicon.css
tribuneonlineng.com/wp-content/themes/jnews/assets/fonts/jegicon/ 3 KB
694 B 80ms
61ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/fonts/jegicon/jegicon.css?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec9d8c907138c1545c1e92a42a86e0fc451ecedf5259d0562ec2192429092451

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-aff"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01711ca9a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.jscrollpane.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/ 1 KB
531 B 80ms
62ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/jquery.jscrollpane.css?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eaa9a43c63295f2060dc352c8bd1c608ab952260b2446d18c306cc240d03b86

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-431"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01711caaa1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 okayNav.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/ 3 KB
936 B 89ms
72ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/okayNav.css?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d85ca8586e1f1cb0d61a05cc405d33700aef58f7bdc9e71ef6b68323b7604ef6

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-ab9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01711caca1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 magnific-popup.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/ 6 KB
2 KB 84ms
67ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/magnific-popup.css?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2948481022d708e82719cfcd81524c45a552e648e7b0c556926d117dd15fdd60

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413387
etag: W/"669efc4d-1609"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01711caea1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 chosen.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/chosen/ 11 KB
2 KB 82ms
70ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/chosen/chosen.css?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44398587b3d4b1a7ec6f1d30c13c37d8a3f3f7825a2dc36c97d0f499653a788b

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-2ac8"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01711cafa1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/ 243 KB
40 KB 77ms
69ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/main.css?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a9e5b243e4375900a73f1682e6a0df5ea834b9038b9dc3b4145b6395c20e995

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-3cb67"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01711cb0a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 responsive.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/ 12 KB
3 KB 72ms
64ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/responsive.css?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6aebdce6f243a2fd13336d91c9e8c03f9d128ac528d5b64929b2eddf475a105

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-2f1a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01711cb1a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 pb-temp.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/ 29 KB
4 KB 73ms
65ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/pb-temp.css?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9fa6dbc13054201cb25b90df7e59e4cd0d311f1feda7fe2b91ff2ef931fb152

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-735b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01711cb2a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 elementor-frontend.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/ 681 B
311 B 77ms
69ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/elementor-frontend.css?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6400dc8b0e288909fa6cc5abdb32a8c2f1a8f8efeb93369ab9bf9378f5f50bd7

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-2a9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01711cb4a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
tribuneonlineng.com/wp-content/themes/jnews-child/ 566 B
395 B 78ms
71ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews-child/style.css?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf97de8ad6bc93b3c21dc853b405253b32668272e36f8624d209ce143681538

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 13 Jun 2023 23:18:55 GMT
server: cloudflare
age: 413388
etag: W/"6488f95f-236"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01711cb5a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 darkmode.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/ 46 KB
7 KB 72ms
66ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/darkmode.css?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83d36dfd09b5f1fdf95c7ac47e7df5586a2448aa4b4f97b40894b783f4846717

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-b982"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01711cb6a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 darkmode.css
tribuneonlineng.com/wp-content/plugins/jnews-video/assets/css/ 4 KB
1 KB 71ms
65ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/jnews-video/assets/css/darkmode.css?ver=11.0.5
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b15b4c5b04a6eb4f7809b76aa670c86dbcb633b91ead770fd64816d458fa481

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 May 2024 06:42:00 GMT
server: cloudflare
age: 413388
etag: W/"66348738-115d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01711cb8a1da-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 49 KB
2 KB 480ms
55ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6.1

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

f0fa06655078e0ac20e2af926a55c9e56ce3484ddc439cb4643a7f8c8f6ac031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 18:11:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 19:10:30 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/13.6/css/ 106 KB
20 KB 450ms
26ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/13.6/css/jetpack.css

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

448c2c8f586e597e18732391de3038defacd4fc0e67f1ff0378d0a62e2949f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 27 May 2024 14:35:43 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 13 Aug 2025 19:10:30 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.6.1/wp-includes/js/jquery/ 86 KB
31 KB 450ms
26ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.6.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 13 Aug 2025 19:10:30 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.6.1/wp-includes/js/jquery/ 13 KB
5 KB 449ms
25ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.6.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 13 Aug 2025 19:10:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
104 KB 3289ms
155ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8SFJTPHHCP

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bde0d8641ef4427aeb9e899ddc368463fbea6c771ef1b31422e28959de60a572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106142
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Aug 2024 19:10:34 GMT

GET
H2 200 script.js Show response
powerad.ai/204857924095125/ 211 KB
47 KB 1236ms
42ms Script
application/javascript 3.230.247.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/204857924095125/script.js
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.247.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-247-109.compute-1.amazonaws.com
Software: / Express
Resource Hash: 5270e54f1a92254ebced9bbba6d94104c5691994bb9cb2b696326d714e3d42e7

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:32 GMT
content-encoding: gzip
last-modified: Wed, 07 Aug 2024 15:19:57 GMT
x-powered-by: Express
etag: W/"34a7c-1912d6ce878"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=172800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 462ms
39ms Script
text/html 104.22.63.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.63.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: 3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2024 04:00:08 GMT
server: cloudflare
age: 54615
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=259200
cf-ray: 8b2b01739a9cab30-YYZ
apigw-requestid: cbcLXiu7joEEPIg=

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 171 KB
22 KB 466ms
44ms Script
text/html 104.22.63.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.63.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: efacb49c049bb29559d1f5285322c54bf9d87e1fe3811fe2dcc6084b271ac943

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2024 04:00:09 GMT
server: cloudflare
age: 54259
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=259200
cf-ray: 8b2b01739a9aab30-YYZ
apigw-requestid: cbcLch8DDoEEPOQ=

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 108 KB
33 KB 189ms
76ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

f0e9c6e7895185acaa731ed8477b58c3a1e5174c7bf743031f5fd42c98f44b20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33291
x-xss-protection: 0
server: cafe
etag: 201 / 19948 / m202408080101 / config-hash: 7295874189859471589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 19:10:31 GMT

GET
H2 200 Tribune-Online-Website-Cropped-Logo.png
tribuneonlineng.com/wp-content/uploads/2023/05/ 16 KB
16 KB 71ms
67ms Image
image/webp 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tribuneonlineng.com/wp-content/uploads/2023/05/Tribune-Online-Website-Cropped-Logo.png
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ae5ca5f83697df545671effeaf1567404e779d58c06979af9e9099e115e9974

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
cf-cache-status: HIT
age: 413388
cf-polished: origFmt=png, origSize=25814
content-disposition: inline; filename="Tribune-Online-Website-Cropped-Logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 16088
last-modified: Tue, 13 Jun 2023 23:15:47 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6488f8a3-64d6"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b2b01711cb9a1da-YYZ

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
52 KB 186ms
74ms Script
text/javascript 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1896573800096815

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

94665953fcae4d8f163f2f95b490cd21b1aec2be6cb2789e791066a0ed880c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
Origin: https://tribuneonlineng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52910
x-xss-protection: 0
server: cafe
etag: 10934177194090956579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 13 Aug 2024 19:10:31 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 466ms
44ms Script
text/html 104.22.63.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=31
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.63.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: 3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2024 04:00:08 GMT
server: cloudflare
age: 54618
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=259200
cf-ray: 8b2b01739a9eab30-YYZ
apigw-requestid: cbcLXhHdDoEEP5w=

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 170 KB
22 KB 38ms
36ms Script
text/html 104.22.63.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=31
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.63.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: 90a0be64aef035903d14a6656aa0e385dfdc5781c96f144a790f6fa296bd7512

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2024 04:00:09 GMT
server: cloudflare
age: 54260
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=259200
cf-ray: 8b2b0173cac6ab30-YYZ
apigw-requestid: cbcLciLpDoEEJYg=

GET
H2 200 invocation.js Show response
ad.vidverto.io/vidverto/js/aries/v1/ 26 KB
8 KB 16587ms
730ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:47 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 09:10:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6555dc90-66a0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 13 Aug 2024 20:10:47 GMT

GET

embed.js
www.instagram.com/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js

0
0

GET
H3 200 tiny-slider.css
tribuneonlineng.com/wp-content/themes/jnews/assets/js/tiny-slider/ 2 KB
839 B 301ms
300ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider.css?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5310fe55b411c576b30cda56f82773bc7227cf7dc069cbd80810968d9172ba8

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 410403
etag: W/"669efc4d-80a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01749f5dab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jnewsglobalslider.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/slider/ 4 KB
1 KB 300ms
300ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/slider/jnewsglobalslider.css?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 953d297714ff8be59e2ee663f52a3ca5ec31e35f9873497b64d7db9784011e6f

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 410402
etag: W/"669efc4d-e61"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01749f60ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jnewsvidplaylist.css
tribuneonlineng.com/wp-content/themes/jnews/assets/css/ 12 KB
2 KB 228ms
175ms Stylesheet
text/css 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/jnewsvidplaylist.css?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8120fc8c7e91c95a395f16edeaed21f80f643be594d6849c7f8e59d50f3880b

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 14177
etag: W/"669efc4d-31a8"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01755824ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.blockUI.min.js Show response
tribuneonlineng.com/wp-content/plugins/payment-forms-for-paystack/public/js/ 9 KB
4 KB 228ms
174ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/payment-forms-for-paystack/public/js/jquery.blockUI.min.js?ver=2.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06e2bb08faeeea0cc98981210e9dfb040a8c17c2f046e1af76ab8a788bfa3d93

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 13 Jun 2023 23:18:53 GMT
server: cloudflare
age: 413388
etag: W/"6488f95d-255f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01755826ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 core.min.js Show response
c0.wp.com/c/6.6.1/wp-includes/js/jquery/ui/ 21 KB
7 KB 117ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.6.1/wp-includes/js/jquery/ui/core.min.js

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 27 Jun 2024 13:51:43 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 13 Aug 2025 19:10:31 GMT

GET
H3 200 byline.334a.min.js Show response
tribuneonlineng.com/wp-content/plugins/molongui-authorship/assets/js/ 4 KB
2 KB 246ms
191ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/molongui-authorship/assets/js/byline.334a.min.js?ver=4.9.5
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9df6c4c7c9ded0611ccf30c49f5a271fe7ab2405cdecbfbf38413a1430d5f75e

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 09 Jul 2024 17:23:21 GMT
server: cloudflare
age: 413388
etag: W/"668d7209-1095"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01755828ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/6.6.1/wp-includes/js/ 3 KB
2 KB 76ms
21ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.6.1/wp-includes/js/comment-reply.min.js

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 27 Jun 2024 13:51:43 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 13 Aug 2025 19:10:31 GMT

GET
H2 200 hoverIntent.min.js Show response
c0.wp.com/c/6.6.1/wp-includes/js/ 1 KB
1 KB 118ms
21ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.6.1/wp-includes/js/hoverIntent.min.js

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 27 Jun 2024 13:51:43 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 13 Aug 2025 19:10:31 GMT

GET
H2 200 imagesloaded.min.js Show response
c0.wp.com/c/6.6.1/wp-includes/js/ 5 KB
2 KB 118ms
22ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.6.1/wp-includes/js/imagesloaded.min.js

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 11 Aug 2023 18:18:26 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 13 Aug 2025 19:10:31 GMT

GET
H3 200 isotope.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 34 KB
10 KB 244ms
180ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/isotope.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bdb1b8d0d776539a312953f0f86ffa80776c0aeabe1162ad537110280e6dc9b

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-8936"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01757839ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 lazysizes.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 7 KB
3 KB 244ms
181ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/lazysizes.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab6fe2bf97ae3218625c1b808abaad9f40936b9780a22428d8daf42144cdd09

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-1b0e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0175783cab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 ls.bgset.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 3 KB
1 KB 254ms
190ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/ls.bgset.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cecf6aff3799676afbba5d917af1ed2ba13d4cb15431ba6ac1a32a27cb7aa58

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-aef"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0175783eab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 superfish.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 5 KB
2 KB 251ms
190ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/superfish.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abbcd73db004e56766842ef27dd73a1f8d8bc75bd3e22ac886837a6ba2788a5e

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-14b6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0175783fab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 theia-sticky-sidebar.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 5 KB
2 KB 261ms
201ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/theia-sticky-sidebar.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 786c0db9eecaf816bb2db91a16904dd903f38a3e607eb8ce40c29d27f9820e3f

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-14c3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01757840ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.waypoints.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 9 KB
3 KB 280ms
220ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.waypoints.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9e32d14eae4dd2bf3e342e71c482cb607435898e7d0b5720c3b638683f22b2d

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-2308"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01757842ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.scrollTo.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 2 KB
1 KB 279ms
219ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.scrollTo.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d8da457735f728ae0fe4885112e46eaea75060e912e1c0fac533b3310b532be

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-9dc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01757845ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.parallax.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 564 B
491 B 260ms
200ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.parallax.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1285fa0d3efa9b784623a0ee0575627ae18e2dba5545321767925eb3445b3d15

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-234"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01757847ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.okayNav.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 8 KB
3 KB 258ms
198ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.okayNav.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fd300ae6d161b2d6cba9fdd4f41081e4b60de9fa6f827c02100ca8731658ca7

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-1e1a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0175784bab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.mousewheel.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 3 KB
1 KB 255ms
197ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.mousewheel.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c184e68dbbb51cbe35dbe92184492ffa27bbdccdc7c38c6e9a4e0fc5beeb5d62

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-ad0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0175784dab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 modernizr-custom.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 17 KB
7 KB 267ms
208ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/modernizr-custom.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef50f34fe91c6ae3b39114d4a652645e3086ddf99b8ac23f186f12831525904

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-427e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0175784eab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.smartresize.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 266 B
366 B 270ms
213ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.smartresize.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f368bad709ba2631e19261f4aceed4b15c9ec0c0bf17fe6346db2bbb2249e4e

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-10a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0175784fab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 chosen.jquery.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 28 KB
7 KB 269ms
212ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/chosen.jquery.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 040836fe8ebb8eb6782f1addbbc640c37a28fceed0193a42ff25d16ea1a4859b

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-70f6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01757850ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.magnific-popup.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 20 KB
7 KB 288ms
232ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.magnific-popup.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b01b5965ea8d499eed20e985daac93b6ca5d45a9028b93d09e5859f4bad02e5

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-4e4b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01757851ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.jnewsgif.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 1 KB
707 B 287ms
232ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.jnewsgif.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b782cac9a76a4137f6a94ed25c97d1df386ad8866192f86c2bc1136c10627d5

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-477"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01757852ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.jsticky.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 2 KB
1002 B 285ms
228ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.jsticky.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a48a8f9a8d3784d3557cb86f2850af6f46195a06fb446c4f163e2c767c8ab872

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-78e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0175885aab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.transit.min.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 8 KB
3 KB 298ms
240ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.transit.min.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44fda2ae98e3f1e0e24e75a854b38b700cf1d76f3a1412790db2d22160801fc3

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-1e96"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0175885bab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 45 KB
12 KB 303ms
244ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/main.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31f79c05535d34d0218fac7e11eb644ee1b7c97ccf6c92551b6a450ea4180513

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-b584"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0175885cab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 darkmode.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 6 KB
2 KB 319ms
261ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/darkmode.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d56d5a0e647d7beb88c3e9c6fe928ee9d5260426fc364b1f9aadf93b37108b5

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-1942"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01758860ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 googlesitekit-consent-mode-3d6495dceaebc28bcca3.js Show response
tribuneonlineng.com/wp-content/plugins/google-site-kit/dist/assets/js/ 73 KB
25 KB 319ms
261ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/google-site-kit/dist/assets/js/googlesitekit-consent-mode-3d6495dceaebc28bcca3.js
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82fbcdbe0b2bdc9a7619c5a99684e09abeb12a11c7dcc5e6e3ed2227ee4461b0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jul 2024 13:31:28 GMT
server: cloudflare
age: 413388
etag: W/"66aa3cb0-123f7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01758862ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 supposition.js Show response
tribuneonlineng.com/wp-content/plugins/jnews-video/assets/js/ 1 KB
764 B 344ms
288ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/jnews-video/assets/js/supposition.js?ver=11.0.5
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28d894b4664f51376d31de576644dad93b7c928551e66efc58bdba0ad51f3a9d

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 May 2024 06:42:00 GMT
server: cloudflare
age: 413387
etag: W/"66348738-523"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01758864ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 mouse.min.js Show response
c0.wp.com/c/6.6.1/wp-includes/js/jquery/ui/ 3 KB
1 KB 89ms
22ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.6.1/wp-includes/js/jquery/ui/mouse.min.js

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f36adc07db49e73c3fd3aeb4234d270725f07719706dd28dfc09657f2cffe9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 27 Jun 2024 13:51:43 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 13 Aug 2025 19:10:31 GMT

GET
H2 200 sortable.min.js Show response
c0.wp.com/c/6.6.1/wp-includes/js/jquery/ui/ 25 KB
7 KB 87ms
21ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.6.1/wp-includes/js/jquery/ui/sortable.min.js

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8ff5de1b0b1d4922b0bf1eea21886efa9976d29655dd30c5ea435dc0b583aeee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-nc: HIT yyz 2
date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 27 Jun 2024 13:51:43 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Wed, 13 Aug 2025 19:10:31 GMT

GET
H3 200 plugin.js Show response
tribuneonlineng.com/wp-content/plugins/jnews-video/assets/js/ 17 KB
5 KB 339ms
285ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/jnews-video/assets/js/plugin.js?ver=11.0.5
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0514580c53e8c81ce58ff2a3f86d65f5c8b671896f9c4f0489973670c1912f94

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 May 2024 06:42:00 GMT
server: cloudflare
age: 413388
etag: W/"66348738-437f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01758868ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.module.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 8 KB
2 KB 356ms
304ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.module.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75732fd39e20d53586ec075a3e132e2d7d600906889e286597fdf11da4e481b4

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-1f7d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0175986aab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 e-202433.js Show response
stats.wp.com/ 7 KB
3 KB 3204ms
52ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202433.js
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT yyz
date: Tue, 13 Aug 2024 19:10:34 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14421-1717166114208.802
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 11 Aug 2025 18:52:52 GMT

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 97ms
42ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 345
etag: W/"09282956186c8515ef0d208902803581"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8b2b0175ad25ac3a-YYZ
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 Aug 2024 19:10:31 GMT

GET
H3 200 jquery.jscrollpane.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 16 KB
6 KB 357ms
304ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jquery.jscrollpane.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 395068524eba83d23e0dc43f31739f9a8f3965bf7851a87f890329cb107084d7

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413462
etag: W/"669efc4d-40d5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0175986eab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 tiny-slider.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/tiny-slider/ 32 KB
13 KB 356ms
304ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 834f36e331c276d5f1f5ad0f25c293b00512410612cddf6e6e2266bb4df43f3f

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 410403
etag: W/"669efc4d-7eb6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01759872ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 tiny-slider-noconflict.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/tiny-slider/ 251 B
297 B 398ms
345ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/tiny-slider/tiny-slider-noconflict.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b932a10c6814724741c5dcfb0fd8bb70ff95946a13a2e2acecbdfc4d10240f92

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 410403
etag: W/"669efc4d-fb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01759877ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 jnewsvidplaylist.js Show response
tribuneonlineng.com/wp-content/themes/jnews/assets/js/ 6 KB
2 KB 399ms
346ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/js/jnewsvidplaylist.js?ver=1.0.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deaa7065055f42e86e37612bbdc5aa850a777de5fbee8740f358c7dbb45b7921

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413462
etag: W/"669efc4d-1624"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b0175987dab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 webpack.runtime.min.js Show response
tribuneonlineng.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 404ms
351ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.23.3
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02caeda898063a8981b1a6c8afe31a8d12b51e88842338b3c3506771e29af8d9

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jul 2024 13:31:25 GMT
server: cloudflare
age: 413462
etag: W/"66aa3cad-1385"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01759881ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend-modules.min.js Show response
tribuneonlineng.com/wp-content/plugins/elementor/assets/js/ 72 KB
20 KB 404ms
351ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.23.3
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f2ef13495d2acf51e4c0e32b2e5b924ffb671722195958f7a2ab6e4350da8f

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jul 2024 13:31:25 GMT
server: cloudflare
age: 413462
etag: W/"66aa3cad-11f60"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01759882ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 waypoints.min.js Show response
tribuneonlineng.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 449ms
397ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jul 2024 13:31:25 GMT
server: cloudflare
age: 413462
etag: W/"66aa3cad-2fa6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01759884ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 frontend.min.js Show response
tribuneonlineng.com/wp-content/plugins/elementor/assets/js/ 39 KB
12 KB 455ms
403ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.23.3
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22c3050a6e8a667b2fbc0a74647a3bac6bbeee4f7b3e70499209b915ac736083

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jul 2024 13:31:25 GMT
server: cloudflare
age: 413462
etag: W/"66aa3cad-9d39"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01759886ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 11 KB
2 KB 89ms
87ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/wp-content/plugins/payment-forms-for-paystack/public/css/pff-paystack-style.css?ver=2.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

057c6db7176a4b988472143ad3797e478d31de02150c22e8b892d9887102a0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 18:17:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 19:10:31 GMT

GET
H3 200 fontawesome-webfont.woff2
tribuneonlineng.com/wp-content/themes/jnews/assets/fonts/font-awesome/fonts/ 75 KB
76 KB 63ms
62ms Font
application/font-woff2 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://tribuneonlineng.com/
Origin: https://tribuneonlineng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413389
etag: "669efc4d-12d68"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b2b01744f03ab08-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H3 200 jegicon.woff
tribuneonlineng.com/wp-content/themes/jnews/assets/fonts/jegicon/fonts/ 7 KB
7 KB 220ms
219ms Font
application/font-woff 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/fonts/jegicon/fonts/jegicon.woff
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

Referer: https://tribuneonlineng.com/
Origin: https://tribuneonlineng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
server: cloudflare
age: 413388
etag: W/"669efc4d-1be8"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01744f05ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H3 200 fontawesome-webfont.woff2
tribuneonlineng.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ 75 KB
76 KB 221ms
220ms Font
application/font-woff2 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://tribuneonlineng.com/
Origin: https://tribuneonlineng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
cf-cache-status: HIT
last-modified: Wed, 31 Jul 2024 13:31:25 GMT
server: cloudflare
age: 413388
etag: "66aa3cad-12d68"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b2b01744f08ab08-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
BLOB 200
OK c6f3cca1-b974-497b-a1ea-f5c411cec888
https://tribuneonlineng.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://tribuneonlineng.com/c6f3cca1-b974-497b-a1ea-f5c411cec888
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
Redirect Chain

https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2

4 KB
2 KB

3344ms
67ms

Script
application/javascript

18.173.219.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Server: 18.173.219.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-66.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abc4c24f7cdeabcfa58f96fb120ba7fd52263fe7e3394d24db1ec7ecaee8cc45

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:01 GMT
content-encoding: br
via: 1.1 da8cb5b9fb94d7de03d8eaa20297debc.cloudfront.net (CloudFront)
last-modified: Mon, 01 Jul 2024 09:12:25 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 35
x-amz-server-side-encryption: AES256
etag: W/"2f952b6e5c723f68a451eda821ff0ce5"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: JO1w-bvpDVGJOJmfw_ppj8I4jeAszk_jaObfnII8VdwZ8n-tppWb_A==

Redirect headers

x-amz-website-redirect-location: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
date: Tue, 13 Aug 2024 19:09:51 GMT
via: 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 42
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
last-modified: Wed, 15 Nov 2023 20:03:11 GMT
server: AmazonS3
etag: "408e9e32ff11d19e90e67eb67eb171dc"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location: https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 0IPxyPF3_oAvVNaSKo1X7FbKtFjPmRmPEX8lCWFzznaAJRtOU9luXQ==

GET
H3 200 236975a1dae620110925514e1.min.js Show response
scaredslip.com/public/a3e4bc172b2/ 67 KB
24 KB 155ms
69ms Script
text/javascript 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scaredslip.com/public/a3e4bc172b2/236975a1dae620110925514e1.min.js

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a4c0c213c3a33d6e7988cc93a0304a8b2adf4771fa5ba0b517e40aa7b302a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: MISS
x-buildnumber: 1389703183
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-us-central1
etag: W/"7683f18f3a2e419569a755b23855474ab12aa75c41508b3f23767b4bc1385916"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-us-central1-0xg9
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *
cf-ray: 8b2b0175d874abf1-YYZ

GET
H3 200 lib_adagio.js Show response
cdn.themoneytizer.fr/ads/ 2 KB
1 KB 120ms
46ms Script
application/javascript 104.21.40.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.themoneytizer.fr/ads/lib_adagio.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.40.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a3214e6ad4fe4355c5b99490b2e66ed2331ae65f8d7bdb8a864552c4532dfb

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
x-amz-version-id: qvYhA6q9SmHJElAJ4hWBgTd.Ag0_5M8x
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: B4TQPRMTABYRE346
age: 1477363
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sQiHhEvasjuptirR51REe8NUdiQICXIftBbBcTQdZQvrAEhpu8ew/2v7QB3Aw4uWPQO5mHSoY2/1BZLlyu0V+w==
last-modified: Wed, 05 Jun 2024 18:28:25 GMT
server: cloudflare
etag: W/"f2ae4810b618b8843df5265f6320f1a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4s3HAau%2F8UvWLnWRDsAqNgTS6Pk0jyCVCYiNakTYoXEkgxT47ohX2YOQJN1mS1jgkClVHlDn6OGJXBbHgmzJdDy4xJvidGRBp%2FQXy9BlFcZKXYM2H1Ejr30mkqKttmFZtxdSAyvhfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b2b0176699ea228-YYZ

GET
H3 200 lib_fs_close.js Show response
cdn.themoneytizer.fr/ads/ 652 B
996 B 34ms
30ms Script
application/javascript 104.21.40.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.themoneytizer.fr/ads/lib_fs_close.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.40.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e55a95e9db7e15e936fb087be3b7f51c680f4902d4a19c2a15467d29678cae

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
x-amz-version-id: Nnvvv1jdDwZYuBcVZSRsjH6BurhA_E9P
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: R38MFAVFC4VWHTQS
age: 1479961
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: S9vHEdxD2Ql/JO3CdHmpYMbE9YY693RLv2zgGVBJYl+G5mPBqiil80BnKOdmAhnHY7noFXa1mtNAottUUco2yw==
last-modified: Wed, 05 Jun 2024 18:28:22 GMT
server: cloudflare
etag: W/"51041511d28e6417ba394f775f87da93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M0IssSsi3jzhlB9QrkEdTlOnSAPOQ0BqwnCxXyXrsNNZRCPXkXWRhEHx43ui3mPb80bQzizSgx3wRDfPLoCB0gAOWUHIdFAPY2YPW3OJgfKKAV2qGDwSJDkrDlkFMG%2BlGkWawfagMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b2b0176a9eaa228-YYZ

GET smart.js
ced.sascdn.com/tag/1097/ 0
0

GET sync
gum.criteo.com/ 0
0

GET
H2 200 /
onetag-sys.com/usync/ Frame 65DB 0
0 235ms
35ms Document
text/html 51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7b2ec27f127242e&cb=1723576231199

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
10 KB 449ms
64ms Script
application/javascript 192.184.68.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: gzip
etag: "tIg8n6xaLBY4WwNLLw9OGA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 20 Aug 2024 19:10:31 GMT

GET
H2 200 px.js Show response
p.cpx.to/p/12761/ 5 KB
5 KB 448ms
117ms Script
application/javascript 54.155.6.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12761/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.6.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-6-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 41dcf3f867a8e8da8d292d6b23b83f96e7b6009b282b42770d3ee00ea7482e13

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
cache-control: public, max-age=86400
content-length: 4879
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK mailNotification.php Show response
adtrack.adleadevent.com/ 0
859 B 686ms
112ms Script
application/x-javascript 99.80.30.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.30.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-30-141.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Aug 2024 19:10:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Aug 2024 19:10:32 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 Tribune-Online-Website-Cropped-Logo.png
tribuneonlineng.com/wp-content/uploads/2023/05/ 16 KB
0 7ms
6ms Image
image/webp 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tribuneonlineng.com/wp-content/uploads/2023/05/Tribune-Online-Website-Cropped-Logo.png
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ae5ca5f83697df545671effeaf1567404e779d58c06979af9e9099e115e9974

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
cf-cache-status: HIT
age: 413388
cf-polished: origFmt=png, origSize=25814
content-disposition: inline; filename="Tribune-Online-Website-Cropped-Logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 16088
last-modified: Tue, 13 Jun 2023 23:15:47 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6488f8a3-64d6"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b2b01711cb9a1da-YYZ

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK metric
metrics.biddertmz.com/ 0
0 623ms
112ms Fetch
text/plain 34.248.22.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.biddertmz.com/metric?s=97152&f=31&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.22.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-22-168.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:31 GMT
Server: nginx/1.12.2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain, text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept
Content-Length: 0

GET
H2 200 /
www.podbean.com/player-v2/ Frame 8872 0
0 528ms
53ms Document
text/html 104.22.0.202
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.podbean.com/player-v2/?i=fpzpa-f1c6c7-pbblog-playlist&share=1&download=1&rtl=0&fonts=Arial&skin=c73a3a&font-color=&logo_link=episode_page&order=episodic&limit=10&filter=all&ss=a713390a017602015775e868a2cf26b0&btn-skin=666666&size=480

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.0.202 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8b2b0178dd14ab39-YYZ
content-encoding: br
content-type: text/html
date: Tue, 13 Aug 2024 19:10:31 GMT
last-modified: Tue, 13 Aug 2024 02:59:28 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 preloader.gif
tribuneonlineng.com/wp-content/themes/jnews/assets/img/ 2 KB
2 KB 372ms
371ms Image
image/webp 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/img/preloader.gif
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/main.css?ver=1.0.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ab781bf27583bdff4e614a22c4cfad9b122df26146560761b886f15a87038e4

Request headers

Referer: https://tribuneonlineng.com/wp-content/themes/jnews/assets/css/main.css?ver=1.0.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
cf-cache-status: HIT
age: 413387
cf-polished: origFmt=gif, origSize=4399
content-disposition: inline; filename="preloader.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1620
last-modified: Tue, 23 Jul 2024 00:41:49 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "669efc4d-112f"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b2b0175e8bfab08-YYZ

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 12 KB
13 KB 482ms
89ms Font
font/woff2 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tribuneonlineng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 20:57:51 GMT
x-content-type-options: nosniff
age: 425560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12304
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Aug 2025 20:57:51 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
0 9ms
9ms Script
text/html 104.22.63.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=31
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.63.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: 3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2024 04:00:08 GMT
server: cloudflare
age: 54618
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=259200
cf-ray: 8b2b01739a9eab30-YYZ
apigw-requestid: cbcLXhHdDoEEP5w=

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 170 KB
0 6ms
6ms Script
text/html 104.22.63.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=31
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.63.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: 90a0be64aef035903d14a6656aa0e385dfdc5781c96f144a790f6fa296bd7512

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2024 04:00:09 GMT
server: cloudflare
age: 54260
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=259200
cf-ray: 8b2b0173cac6ab30-YYZ
apigw-requestid: cbcLciLpDoEEJYg=

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
0 2ms
2ms Script
text/javascript 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1896573800096815

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

94665953fcae4d8f163f2f95b490cd21b1aec2be6cb2789e791066a0ed880c4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
Origin: https://tribuneonlineng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52910
x-xss-protection: 0
server: cafe
etag: 10934177194090956579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 13 Aug 2024 19:10:31 GMT

GET
DATA 200
OK truncated
/ 43 B
43 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/ 474 KB
148 KB 35ms
34ms Script
text/javascript 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 18:32:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2269
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151130
x-xss-protection: 0
server: cafe
etag: 11205447520193479331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 13 Aug 2025 18:32:42 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/ 86 KB
30 KB 174ms
62ms Script
text/javascript 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1896573800096815

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

41d0cb0f29f83878366aa5623d787330c17275adefc106923873ea8118ddc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30778
x-xss-protection: 0
server: cafe
etag: 17580898029447510393
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 19:10:31 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/ 422 KB
142 KB 201ms
90ms Script
text/javascript 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1896573800096815

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

df472d39b2c5b223f444a7fa31ecea18bea3de58600c34f945834d3690996453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145415
x-xss-protection: 0
server: cafe
etag: 6548118916636305838
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 19:10:31 GMT

GET
H2 200 GOvlfapXUAAHEre.png
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2024/05/ 3 KB
3 KB 466ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2024/05/GOvlfapXUAAHEre.png?resize=40%2C40&ssl=1

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

93fe7f2888a30fd7916f4c2cbfc285793691c5cefd15fae5e9da7e111b760d4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:32 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2722
x-nc: HIT yyz 3
last-modified: Wed, 29 May 2024 14:56:27 GMT
server: nginx
etag: "7a3709445983a98f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tribuneonlineng.com/wp-content/uploads/2024/05/GOvlfapXUAAHEre.png>; rel="canonical"
expires: Sat, 30 May 2026 02:56:27 GMT

GET
H2 200 Northern-protesters.jpg
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2024/08/ 802 B
1 KB 464ms
24ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2024/08/Northern-protesters.jpg?resize=40%2C40&ssl=1

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

c607456fb966b302ee1c727930e8bdafe0527ccceda6968b72969326e1893111

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:32 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 802
x-nc: HIT yyz 2
last-modified: Sun, 11 Aug 2024 17:08:12 GMT
server: nginx
etag: "5cc94890ce1b1de2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tribuneonlineng.com/wp-content/uploads/2024/08/Northern-protesters.jpg>; rel="canonical"
expires: Wed, 12 Aug 2026 05:08:12 GMT

GET
H2 200 IMG_20240810_113203_889-scaled-e1723298387400.jpg
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2024/08/ 670 B
1 KB 36ms
17ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2024/08/IMG_20240810_113203_889-scaled-e1723298387400.jpg?resize=40%2C40&ssl=1

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e0e8435ebde651ac7f129aa4d356b8a05383d3c3127395a1e1694e01c33bcb19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:32 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 670
x-nc: HIT yyz 1
last-modified: Mon, 12 Aug 2024 00:07:11 GMT
server: nginx
etag: "b7be63af37d8b8c0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tribuneonlineng.com/wp-content/uploads/2024/08/IMG_20240810_113203_889-scaled-e1723298387400.jpg>; rel="canonical"
expires: Wed, 12 Aug 2026 12:07:11 GMT

GET
H2 200 Aduke-Gold-e1723541508578.webp
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2024/08/ 748 B
1 KB 34ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2024/08/Aduke-Gold-e1723541508578.webp?resize=40%2C40&ssl=1

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a3ef64bc926bd7be1e61ac47dbe6bb954bf7382cea10dbadd876266b64ca05a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:32 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 748
x-nc: HIT yyz 4
last-modified: Tue, 13 Aug 2024 13:08:44 GMT
server: nginx
etag: "8c5b09d977e0625a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tribuneonlineng.com/wp-content/uploads/2024/08/Aduke-Gold-e1723541508578.webp>; rel="canonical"
expires: Fri, 14 Aug 2026 01:08:44 GMT

GET
H2 200 modaylines.jpg
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2016/08/ 720 B
1 KB 33ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2016/08/modaylines.jpg?resize=40%2C40&ssl=1

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

766b0a7e95add175ad983311e783879e3fc830e9cb20a574cfb34bfe7cbdd3d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:32 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 720
x-nc: HIT yyz 3
last-modified: Tue, 13 Aug 2024 00:10:53 GMT
server: nginx
etag: "be424d05ed8bd7ec"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tribuneonlineng.com/wp-content/uploads/2016/08/modaylines.jpg>; rel="canonical"
expires: Thu, 13 Aug 2026 12:10:53 GMT

GET
H2 200 Gospel-singer-Aduke-Gold-reportedly-is-dead-Kemi-Filani-blog-min-e1723536530989.jpg
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2024/08/ 820 B
1 KB 32ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2024/08/Gospel-singer-Aduke-Gold-reportedly-is-dead-Kemi-Filani-blog-min-e1723536530989.jpg?resize=40%2C40&ssl=1

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

25c3c76cdbf159ad4d4fe6c1d2164835c1232890e7adf641b1a253905e53d6df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:32 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 820
x-nc: HIT yyz 2
last-modified: Tue, 13 Aug 2024 11:57:16 GMT
server: nginx
etag: "82e8832c73b7339a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tribuneonlineng.com/wp-content/uploads/2024/08/Gospel-singer-Aduke-Gold-reportedly-is-dead-Kemi-Filani-blog-min-e1723536530989.jpg>; rel="canonical"
expires: Thu, 13 Aug 2026 23:57:16 GMT

GET
H2 200 Supreme_Court-1024x570-1-e1719584983869.jpg
i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/05/ 522 B
938 B 32ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/tribuneonlineng.com/wp-content/uploads/2023/05/Supreme_Court-1024x570-1-e1719584983869.jpg?resize=40%2C40&ssl=1

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

f04c670291bf2189a6f21ea8acee816424ea50b6ea1c4cda513ff82e4dad9c3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:32 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 522
x-nc: HIT yyz 4
last-modified: Sat, 10 Aug 2024 21:13:13 GMT
server: nginx
etag: "d4d80d382db75e18"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://tribuneonlineng.com/wp-content/uploads/2023/05/Supreme_Court-1024x570-1-e1719584983869.jpg>; rel="canonical"
expires: Tue, 11 Aug 2026 09:13:13 GMT

GET
H3 200 Senate-2-e1689589482174-360x180.jpg
tribuneonlineng.com/wp-content/uploads/2023/07/ 19 KB
20 KB 46ms
44ms Image
image/jpeg 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tribuneonlineng.com/wp-content/uploads/2023/07/Senate-2-e1689589482174-360x180.jpg
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec575b64667939b945aaba8d9739a20004bd36506ae6e6f4ceb95784bd9e6a8e

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
cf-cache-status: HIT
age: 3836
cf-polished: origSize=20887
alt-svc: h3=":443"; ma=86400
content-length: 19962
last-modified: Mon, 17 Jul 2023 10:24:42 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "64b516ea-5197"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b2b01788b81ab08-YYZ

GET
H3 200 Tinubu-120x86.jpg
tribuneonlineng.com/wp-content/uploads/2024/07/ 3 KB
4 KB 44ms
41ms Image
image/jpeg 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tribuneonlineng.com/wp-content/uploads/2024/07/Tinubu-120x86.jpg
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0126785e575a612406ef199670e1d8ecdac322ffe72534b5c364e31cf9967e3b

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
cf-cache-status: HIT
age: 3837
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 3482
last-modified: Sat, 06 Jul 2024 16:28:03 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "66897093-d9a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b2b01788b83ab08-YYZ

GET
H3 200 FRSC-120x86.jpg
tribuneonlineng.com/wp-content/uploads/2023/11/ 4 KB
4 KB 63ms
61ms Image
image/jpeg 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tribuneonlineng.com/wp-content/uploads/2023/11/FRSC-120x86.jpg
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b353ba6d64956947dce123686a4f61f0561672901ee0312868ea63364cf769d8

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
cf-cache-status: HIT
age: 3929
cf-polished: origSize=36911
alt-svc: h3=":443"; ma=86400
content-length: 4115
last-modified: Fri, 17 Nov 2023 14:59:56 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "65577fec-902f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b2b01788b84ab08-YYZ

GET
H3 200 Bola-Tinubu-e1717506377318-120x86.jpeg
tribuneonlineng.com/wp-content/uploads/2024/06/ 4 KB
4 KB 63ms
61ms Image
image/jpeg 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tribuneonlineng.com/wp-content/uploads/2024/06/Bola-Tinubu-e1717506377318-120x86.jpeg
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96c91b6490555f9ec593e1bce9c0174ef94751056a757bd9e80c71b92cf1643e

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
cf-cache-status: HIT
age: 14177
cf-polished: origSize=3751
alt-svc: h3=":443"; ma=86400
content-length: 3744
last-modified: Tue, 04 Jun 2024 13:06:17 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "665f1149-ea7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b2b01789b86ab08-YYZ

GET
H3 200 TINUBU-PRESIDES-OVER-FEC-MEETING-23-OCTOBER-B-e1715675511386-120x86.webp
tribuneonlineng.com/wp-content/uploads/2024/07/ 4 KB
4 KB 43ms
41ms Image
image/webp 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tribuneonlineng.com/wp-content/uploads/2024/07/TINUBU-PRESIDES-OVER-FEC-MEETING-23-OCTOBER-B-e1715675511386-120x86.webp
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8724434d64c56953f4f478ccf088561367f6b0530d34d77ed685fc37b8ffb388

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:31 GMT
cf-cache-status: HIT
last-modified: Mon, 29 Jul 2024 13:24:35 GMT
server: cloudflare
age: 21698
etag: "66a79813-f02"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b2b01789b87ab08-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 3842

GET
H2 200 prebid.js Show response
tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/ 411 KB
139 KB 1140ms
47ms Script
application/javascript 172.67.174.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=97152&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.174.127 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8211c257e20d92b79ecf520ebee4d9a61ffd39cef7ed8e7c7e35cacfa733566f

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: T6F9GGDSYVCYPP2X
age: 1868670
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kkaRvEf4LLwRcCy92kOgE4u0QqdbTkRmbd663P/jjXXEibaW8u1c8B/kAA2Io6+YQiDHaEUAMoK4QLGFw7GdwQ==
last-modified: Mon, 22 Jul 2024 22:30:41 GMT
server: cloudflare
etag: W/"d875a005e9b8436d20bc26b2a2c9bde8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GIB5Z7ovXICQ0WXVBYpgM1X8EElaEsCkvQEmNQN5GOtFo53Htoh0p78VuNz0yOrFEVh8GdfoGHryNXavk1fYZ2Gij3yN4AgtAt5%2Bm0BK5jw5zDpKlAweQH5Gdu%2BuQPgclam8paMf%2BLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2678400
cf-ray: 8b2b01837db4b408-YYZ

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 102ms
100ms Fetch
text/html 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1896573800096815
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 1396ms
33ms Script
application/javascript 13.226.34.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-90.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:08:03 GMT
content-encoding: gzip
via: 1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 150
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
server: AmazonS3
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: zP3IGy1qdKmDVYdAubN2cjvShT-Ut3G-5w3P8J3xlW50dtAcg8epvA==

POST
H2 200 /
reporting.powerad.ai/ 2 B
272 B 387ms
40ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 13 Aug 2024 19:10:32 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 detect-aau Show response
powerad.ai/ 2 B
222 B 123ms
41ms Fetch
text/plain 3.230.247.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=2
Requested by: Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.247.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-247-109.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:32 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 detect-aau Show response
powerad.ai/ 2 B
223 B 115ms
40ms Fetch
text/plain 3.230.247.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/detect-aau?ch=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.247.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-247-109.compute-1.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:32 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 / Show response
powerad.ai/pubPls/ 11 KB
3 KB 49ms
45ms XHR
text/html 3.230.247.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Ftribuneonlineng.com%2F
Requested by: Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.247.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-247-109.compute-1.amazonaws.com
Software: / Express
Resource Hash: 9e40f8c779bed89b4adb4a19e78ea92a7300d3a020c460fda548ad5efce7eaeb

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:32 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"2d83-kf5CM9HRi3SBgp1PbDE/Dy3eK4w"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://tribuneonlineng.com
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 Hc6PdfQeAi.js Show response
pixel.zprk.io/v5/pixeljs/ 3 KB
3 KB 1400ms
38ms Script
text/plain 3.231.69.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.69.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-69-201.compute-1.amazonaws.com
Software: /
Resource Hash: 8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:34 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age: 3600
access-control-allow-methods: POST, GET, DELETE, PUT
content-type: text/plain;charset=UTF-8
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 2753

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
97 KB 1507ms
88ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6MC096FRP9

Requested by

Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

083541eaa3dd91120153eb9a22e219ad17b91ce22d70427a719f758e308b14a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98532
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Aug 2024 19:10:34 GMT

GET
H2 200 px.js Show response
p.cpx.to/p/12967/ 5 KB
5 KB 113ms
113ms Script
application/javascript 54.155.6.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12967/px.js
Requested by: Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.6.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-6-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1d29dee2420b25daab44f50c57606fdd3b5fa63a7e6bb177acc4aa8aed0d19e6

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:32 GMT
cache-control: public, max-age=86400
content-length: 4879
content-type: application/javascript; charset=UTF-8

POST
H2 200 /
reporting.powerad.ai/ 2 B
271 B 40ms
39ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/204857924095125/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 13 Aug 2024 19:10:34 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 2

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 29ms
22ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=118125416&post=692147&tz=1&srv=tribuneonlineng.com&j=1%3A13.6&host=tribuneonlineng.com&ref=&fcp=2500&rand=0.8172464130616865
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Aug 2024 19:10:34 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 42ms
41ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=1.0.0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:34 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 434
etag: W/"7e91359b46e1da637080a03b759164fa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8b2b0189685eac3a-YYZ
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 Aug 2024 19:10:34 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
478 B 420ms
34ms Image
image/gif 18.173.132.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?service=ad&adid=qthlqa&adnum=8756941
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-63.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 18:45:42 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 050d3e345e03ee19c1b095050789e432.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 1493
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: a6TlMscbG4sP51S4T_DvbBZKxRVFtA7v8YAiU3_A2z50w_g-SGZ5eg==

GET
H3 200 wp-emoji-release.min.js Show response
tribuneonlineng.com/wp-includes/js/ 18 KB
5 KB 44ms
43ms Script
application/javascript 162.159.137.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tribuneonlineng.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.137.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Apr 2024 01:30:46 GMT
server: cloudflare
age: 408972
etag: W/"661348c6-4926"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b2b01898c45ab08-YYZ
alt-svc: h3=":443"; ma=86400

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 0BA0 250 KB
76 KB 13729ms
38ms Script
application/javascript 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 762a6921a033f9c9921fa1d1ef75351b4e82685fd77e6eafd97134a8cd4436c0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:48 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:26:15 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=168469
accept-ranges: bytes
content-length: 77836
expires: Thu, 15 Aug 2024 17:58:37 GMT

GET pbjs_wrapper.v2.0.js
hb.brainlyads.com/ Frame 33C7 0
0

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET prebid.js
hb.brainlyads.com/ Frame 0BA0 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 130ms
129ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-226683900-11&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6MC096FRP9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

23cb4af936c70370b4787b22d7bb8f88413f411e9f036c40c8d7f435d7d041c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77161
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Aug 2024 19:10:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
103 KB 236ms
236ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8SFJTPHHCP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6MC096FRP9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5192e73424cf74f5877f3beeb350367e2ae27107974f7d2ed81f6d397b8d028c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Aug 2024 19:10:34 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 127ms
47ms Fetch
text/plain 142.251.40.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6MC096FRP9&gtm=45je4880v890329046za200&_p=1723576231184&gcs=G1--&gcd=13l3l3l3l5&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1504960400.1723576235&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723576234&sct=1&seg=0&dl=https%3A%2F%2Ftribuneonlineng.com%2F&dt=Breaking%20News%2C%20Latest%20News%2C%20Politics%2C%20Entertainment%20-%20Tribune%20Online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=5944
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6MC096FRP9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s38-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 web Show response
onesignal.com/api/v1/sync/e9d1f0e1-fda0-493c-bec4-7ed3996de5b8/ 3 KB
2 KB 41ms
40ms Script
text/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/e9d1f0e1-fda0-493c-bec4-7ed3996de5b8/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abb3632e200e6ec83ac8776b76fea4c7a360bb299956d631c6d5c2d69eb98931

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 1219
cf-polished: origSize=3377
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0ed4bb58-b1ef-4030-8da4-8ef8037c8aa2
x-runtime: 0.042063
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"47d5db2ad1179dd6bfc7d4df6bb32a00"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8b2b018b3a0cac3a-YYZ
access-control-allow-headers: SDK-Version
expires: Tue, 13 Aug 2024 20:10:34 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 37ms
37ms Stylesheet
text/css 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:34 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 654
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 8b2b018baa77ac3a-YYZ
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Thu, 12 Sep 2024 19:10:34 GMT

POST
H3 200 c3a1d2e86c5752801f2a94e163158631e261a14be9d6 Show response
scaredslip.com/submit/23367044/ 301 B
720 B 92ms
65ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scaredslip.com/submit/23367044/c3a1d2e86c5752801f2a94e163158631e261a14be9d6

Requested by

Host: scaredslip.com
URL: https://scaredslip.com/public/a3e4bc172b2/236975a1dae620110925514e1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1cfcd3cac2859e93266bbf0f2a9ad9dab7eacbb51fc4b2f730669fa97ea468f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 13 Aug 2024 19:10:35 GMT
strict-transport-security: max-age=15724800; preload
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
x-buildnumber: 1389703183
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-us-central1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribuneonlineng.com
x-hostname: fen-hoothoot-us-central1-0xg9
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 8b2b018c7a07ab06-YYZ
expires: Tue, 13 Aug 2024 19:10:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 258 KB
91 KB 146ms
146ms Script
application/javascript 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XGSPWE8QJG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-226683900-11&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9510d373531d6725328f8b634dd8c0e5438a1d299968874811d208c44f7fd5fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Aug 2024 19:10:35 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
59 B 110ms
107ms Image
text/html 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-226683900-11&v=3&t=t&pid=2145057303&cv=1&rv=4880&tc=5&x=1&tag_exp=0&es=1&e=gtm.init_consent&eid=0&u=AAAAAIADAAAAAAAAAAAAEAAY&h=Ag&z=0

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:35 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 109ms
106ms Image
text/html 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-226683900-11&v=3&t=t&pid=2145057303&cv=1&rv=4880&tc=5&x=1&tag_exp=0&es=1&e=gtm.init&eid=1&u=AAAAAIADAAAAAAAAAAAAEAAY&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2ccdgalast&z=0

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:35 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
40 B 266ms
263ms Image
text/html 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-226683900-11&v=3&t=t&pid=2145057303&cv=1&rv=4880&tc=5&x=1&tag_exp=0&es=1&e=gtag.config&eid=2&u=AAAAAIADAAAAAAAAAAAAEAEY&h=Ag&epr=1UA&tr=1rep.1zone&ti=1rep.1zone&z=0

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:35 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
40 B 263ms
261ms Image
text/html 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-226683900-11&v=3&t=t&pid=2145057303&cv=1&rv=4880&tc=5&x=1&tag_exp=0&es=1&e=gtag.config&eid=8&u=AAAAAIADAAAAAAAAAAAAEAEY&h=Ag&z=0

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:35 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
40 B 264ms
262ms Image
text/html 142.251.40.232
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-226683900-11&v=3&t=t&pid=2145057303&cv=1&rv=4880&tc=5&x=1&tag_exp=0&es=1&e=gtag.config&eid=10&u=AAAAAIADAAAAAAAAAAAAEAEY&h=Ag&z=0

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.232 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:35 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 c3a1d2e86c5752801f2a94e163158631e261a14be9d6 Show response
scaredslip.com/22367044/ 3 B
456 B 136ms
136ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scaredslip.com/22367044/c3a1d2e86c5752801f2a94e163158631e261a14be9d6

Requested by

Host: scaredslip.com
URL: https://scaredslip.com/public/a3e4bc172b2/236975a1dae620110925514e1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 13 Aug 2024 19:10:35 GMT
strict-transport-security: max-age=15724800; preload
via: 1.1 google
cf-cache-status: DYNAMIC
x-buildnumber: 1389703183
alt-svc: h3=":443"; ma=86400
content-length: 3
server: cloudflare
x-datacenter: gce-us-central1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribuneonlineng.com
x-hostname: fen-hoothoot-us-central1-0xg9
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 8b2b018cfac2ab06-YYZ
expires: Tue, 13 Aug 2024 19:10:34 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 49ms
46ms Fetch
text/plain 142.251.40.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XGSPWE8QJG&gtm=45je4880v9134166202za200&_p=1723576231184&gcs=G1--&gcd=13l3l3l3l5&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1504960400.1723576235&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1723576235&sct=1&seg=0&dl=https%3A%2F%2Ftribuneonlineng.com%2F&dt=Breaking%20News%2C%20Latest%20News%2C%20Politics%2C%20Entertainment%20-%20Tribune%20Online&en=page_view&_fv=1&_ss=1&tfd=6565
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XGSPWE8QJG&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s38-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 43ms
42ms Script
text/javascript 142.251.40.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-226683900-11&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.206 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 13 Aug 2024 18:04:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3992
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 13 Aug 2024 20:04:03 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 134ms
54ms Fetch
text/plain 142.251.40.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8SFJTPHHCP&gtm=45je4880v885589874za200zb890329046&_p=1723576231184&_gaz=1&gcs=G1--&gcd=13l3l3l3l5&npa=0&dma=0&tcfd=1000g&tag_exp=0&cid=1504960400.1723576235&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723576234&sct=1&seg=0&dl=https%3A%2F%2Ftribuneonlineng.com%2F&dt=Breaking%20News%2C%20Latest%20News%2C%20Politics%2C%20Entertainment%20-%20Tribune%20Online&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7018
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SFJTPHHCP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s38-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 7750ms
83ms Ping
text/plain 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8SFJTPHHCP&cid=1504960400.1723576235&gtm=45je4880v885589874za200zb890329046&aip=1&dma=0&gcs=G1--&gcd=13l3l3l3l5&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SFJTPHHCP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 159ms
113ms Image
image/gif 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8SFJTPHHCP&cid=1504960400.1723576235&gtm=45je4880v885589874za200zb890329046&aip=1&dma=0&gcs=G1--&gcd=13l3l3l3l5&npa=0&frm=0&tag_exp=0&tag_exp=0&z=995043277

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 52ms
51ms XHR
text/plain 142.251.40.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1960522172&t=pageview&_s=1&dl=https%3A%2F%2Ftribuneonlineng.com%2F&ul=en-ca&de=UTF-8&dt=Breaking%20News%2C%20Latest%20News%2C%20Politics%2C%20Entertainment%20-%20Tribune%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1376716&gjid=1022603152&cid=1504960400.1723576235&tid=UA-226683900-11&_gid=454158949.1723576236&_r=1&gtm=457e4880h1z8890329046za200zb890329046&gcs=G1--&gcd=13l3l3l3l5&dma=0&tcfd=1000g&tag_exp=0&jsscut=1&z=1313779097

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.206 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/53/ 167 KB
44 KB 38ms
38ms Script
text/javascript 18.173.219.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.219.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-66.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7245e25d6b55f5e66b7525738c32f69601bf8c1230bbb79732e5b68bb9c77f15

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 05:26:59 GMT
content-encoding: br
via: 1.1 da8cb5b9fb94d7de03d8eaa20297debc.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
age: 49416
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Mon, 03 Jun 2024 09:45:41 GMT
server: AmazonS3
etag: W/"e03797a824781372f42f2a38fe4756e3"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: uMnID73bcfOV5tk2qphUoewJjrqCMph2k1Td8IApbo_wwMjqH-a2Wg==

GET
H2 200 geoip Show response
cmp.inmobi.com/ 48 B
333 B 420ms
102ms XHR
application/json 18.173.219.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.219.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-66.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1a646aade9fc30cf08717263cf5d877755797128d84984bba97ee25179618ffc

Request headers

Accept: application/json, text/plain, */*
Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:36 GMT
via: 1.1 73c72f4ba985fa512968a14b5bd2f576.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P1
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 48
x-amz-cf-id: Rgjzkrk_6yuvZMO28Yvl3EkTzqKliCflLtyNvZC38ZyHa-gpEchqCw==

OPTIONS json
gum.criteo.com/sid/ Frame 0
0

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
705 B 3232ms
75ms Fetch
application/json 68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.184 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:39 GMT
an-x-request-uuid: 9bd0c5bc-2202-4fe8-a954-efdcd71c4991
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.249.214.139; 178.249.214.139; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
568 B 511ms
41ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: adfa85b06ac19516517ea7ed4458688597320c95cc1ebcfda73bb35c935bf393

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:36 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://tribuneonlineng.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Thu, 12 Sep 2024 19:10:36 GMT

GET apstag.js
c.amazon-adsystem.com/aax2/ 0
0

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
704 B 3283ms
54ms Fetch
application/json 68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12967/px.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.184 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:39 GMT
an-x-request-uuid: fb2dde9c-054e-4720-93b6-732df14b7142
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.249.214.139; 178.249.214.139; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
0 509ms
509ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12967/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: adfa85b06ac19516517ea7ed4458688597320c95cc1ebcfda73bb35c935bf393

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:36 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://tribuneonlineng.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Thu, 12 Sep 2024 19:10:36 GMT

GET
H2

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0015a00002vNEdMAAW&gdpr=0&src=pbjs&ver=9.6.0&coppa=0
https://lexicon.33across.com/v1/envelope?pid=0015a00002vNEdMAAW&gdpr=0&src=pbjs&ver=9.6.0&coppa=0&b=1&tp=v7zbkoDDuI3jll7CqTfWZon%2BxCVkGGw1mivFCzByIf4%3D

42 B
138 B

55ms
54ms

Fetch
application/json

35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00002vNEdMAAW&gdpr=0&src=pbjs&ver=9.6.0&coppa=0&b=1&tp=v7zbkoDDuI3jll7CqTfWZon%2BxCVkGGw1mivFCzByIf4%3D
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:43 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://tribuneonlineng.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Tue, 13 Aug 2024 19:10:43 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: https://tribuneonlineng.com
location: https://lexicon.33across.com/v1/envelope?pid=0015a00002vNEdMAAW&gdpr=0&src=pbjs&ver=9.6.0&coppa=0&b=1&tp=v7zbkoDDuI3jll7CqTfWZon%2BxCVkGGw1mivFCzByIf4%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET json
gum.criteo.com/sid/ 0
0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 193 B
667 B 519ms
122ms Fetch
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

f76a38d24efdb56a2e2aae1d3c3e6395126aafca398a7432099d040404d05000

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tribuneonlineng.com
content-type: application/json;charset=UTF-8
date: Tue, 13 Aug 2024 19:10:36 GMT
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"

GET id
id.crwdcntrl.net/ 0
0

GET

get_or_create
cookie-matching.mediarithmics.com/v1/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_cons...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdp...
https://id5-sync.com/c/12/108/8/2.gif?puid=f823ad8f-b904-4d9c-a7f9-3e9a76a7aa0f&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=e4210c60-f630-43f1-8369-19aebd26c953&ttl=%%TTL%%
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/6/4.gif?puid=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F6%2F4.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/12/2/6/4.gif?puid=123673216718909832&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/12/112/5/5.gif?puid=9AF328FFE81DBCD8&gdpr=0&gdpr_consent=
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F104%2F4%2F6.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F104%2F4%2F6.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
https://id5-sync.com/c/12/104/4/6.gif?puid=d8361303-31de-442c-b1be-bdae2ea5e13b&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/3/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/12/19/3/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
https://id5-sync.com/c/12/19/3/7.gif?puid=67ad370226cb58eefe387de7635c29ca&gdpr=0&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033

0
0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240812/r20110914/ Frame 1D39 0
0 142ms
37ms Document
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240812/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 14507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4141
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 15:08:49 GMT
etag: 3784890935487277381
expires: Tue, 27 Aug 2024 15:08:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame D7C2 0
0 593ms
494ms Document
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1896573800096815&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1723575898&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Ftribuneonlineng.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=29_18~32_18~27_9~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723576231637&bpp=14&bdt=1129&idt=300&shv=r20240812&mjsv=m202408070101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6512033505913&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084127%2C31085989%2C95334526%2C95334829%2C95337869%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=854555491355164&tmod=1159989176&uas=0&nvt=1&fsapi=1&fc=1920&brdim=490%2C490%2C490%2C490%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=4825

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18381
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 19:10:37 GMT
expires: Tue, 13 Aug 2024 19:10:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9CFE 0
0 603ms
506ms Document
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1896573800096815&output=html&h=90&slotname=5290815155&adk=880807324&adf=1011185357&pi=t.ma~as.5290815155&w=728&abgtt=6&lmt=1723575898&format=728x90&url=https%3A%2F%2Ftribuneonlineng.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723576231637&bpp=19&bdt=1128&idt=465&shv=r20240812&mjsv=m202408070101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6512033505913&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=821&ady=22&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084127%2C31085989%2C95334526%2C95334829%2C95337869%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=854555491355164&tmod=1159989176&uas=0&nvt=1&fc=1920&brdim=490%2C490%2C490%2C490%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=4834

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12909
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 19:10:37 GMT
expires: Tue, 13 Aug 2024 19:10:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 59C3 0
0 491ms
397ms Document
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-1896573800096815&output=html&h=280&slotname=9368067099&adk=1609742274&adf=1774269289&pi=t.ma~as.9368067099&w=754&abgtt=6&fwrn=4&fwrnh=100&lmt=1723575898&rafmt=1&format=754x280&url=https%3A%2F%2Ftribuneonlineng.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723576231637&bpp=2&bdt=1129&idt=485&shv=r20240812&mjsv=m202408070101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6512033505913&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=5027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084127%2C31085989%2C95334526%2C95334829%2C95337869%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=854555491355164&tmod=1159989176&uas=0&nvt=1&fc=1920&brdim=490%2C490%2C490%2C490%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=4843

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12961
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 19:10:37 GMT
expires: Tue, 13 Aug 2024 19:10:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame BA24 0
0 107ms
36ms Document
text/html 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29247
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 18:51:01 GMT
expires: Tue, 13 Aug 2024 19:41:01 GMT
last-modified: Mon, 12 Aug 2024 19:45:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET ob.js
cdn-ima.33across.com/ 0
0

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 42 KB
13 KB 108ms
37ms Script
text/javascript 108.138.128.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-28.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f58252a635fcb2b8160e9303570bf732faa3ab57aed8a3926845137b395c6ad

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 15:55:08 GMT
content-encoding: gzip
via: 1.1 d877346b368e974486e739220882b59e.cloudfront.net (CloudFront)
last-modified: Mon, 12 Aug 2024 15:12:48 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 11735
x-amz-server-side-encryption: AES256
etag: W/"7c09ab4a53c38ce23b3a1495a5b2987e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Vcs4-GDBO6mXnz7jKsjX4mtnpmELdGOoQqkwhrloynXtXJYn5jH_ow==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 3183ms
75ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 04:57:45 GMT
content-encoding: gzip
age: 1606380
x-guploader-uploadid: AHxI1nPUQKF5DpsjRRe9AW2s4fo-2FaBaXmoRMTgJJ1g7uQnu33ZZmYZKdcmWMt1ojGZYuWv6fI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 26 Jul 2025 04:57:45 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 169ms
44ms Script
text/javascript 74.119.117.4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 11 Jul 2024 14:14:53 GMT
server: nginx
etag: W/"668fe8dd-a6cc"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 19:10:43 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 189ms
135ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:43 GMT
via: 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 9c5098e2e0374bcd9f8da8cb159389e1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 82 KB
18 KB 270ms
269ms Fetch
text/plain 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=854555491355164&correlator=376504956570238&eid=31085718%2C31085720%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fifs&gdpr=0&iu_parts=33885318%2C1x1%2CAdXNative%2CMPU_300X250_2%2CDMPU_300X600_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1x1%2C320x50%7C336x280%7C728x90%7C300x250%7C1x1%2C300x250%2C300x600&fluid=0%2Cheight%2C0%2C0&ifi=4&didk=365443888~3259233216~3027346761~736479273&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1723576236542&lmt=1723575898&adxs=0%2C442%2C467%2C-9&adys=9004%2C768%2C3799%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C2%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftribuneonlineng.com%2F&vis=1&psz=1600x1200%7C739x90%7C753x250%7C0x-1&msz=1600x0%7C739x90%7C753x250%7C0x-1&fws=0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0&topics=9&tps=9&htps=10&a3p=EhwKDWNyd2RjbnRybC5uZXQY9fOY6ZQySABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPXzmOmUMkgAUgIIZBIXCghydGJob3VzZRj185jplDJIAFICCGQSFAoFb3BlbngY9fOY6ZQySABSAghk&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723576230508&idt=1488&adks=3079146193%2C134664576%2C3450096063%2C3627185671&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

d9cdb52e211f427abcf33b12f928dd2c83ae4630d73b6b234fa9dfac30ca55bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18167
x-xss-protection: 0
google-lineitem-id: -2,6393330863,-2,6023013567
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138449041326,-2,138392546498
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1a08b1c9f79476043ccc2fc824018eb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5525 0
0 160ms
47ms Document
text/html 142.250.65.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1a08b1c9f79476043ccc2fc824018eb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 19:10:36 GMT
expires: Tue, 13 Aug 2024 19:10:36 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel;r=388230791;labels=Categories.news;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Ftribuneonlineng.com%2F;uht=2;fpan=1;fpa=P0-1092062259-1723576232127;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903...
pixel.quantserve.com/ 35 B
517 B 98ms
96ms Image
image/gif 192.184.68.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=388230791;labels=Categories.news;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Ftribuneonlineng.com%2F;uht=2;fpan=1;fpa=P0-1092062259-1723576232127;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;us_privacy=1---;ref=;d=tribuneonlineng.com;dst=1;et=1723576233848;tzo=420;ogl=locale.en_GB%2Ctype.website%2Ctitle.Breaking%20News%252C%20Latest%20News%252C%20Politics%252C%20Entertainment%2Cdescription.Tribune%20Online%20is%20well%20known%20for%20the%20tradition%20of%20breaking%20news%20and%20has%20over%20the%2Curl.https%3A%2F%2Ftribuneonlineng%252Ecom%2F%2Csite_name.Tribune%20Online%2Cimage.https%3A%2F%2Ftribuneonlineng%252Ecom%2Fwp-content%2Fuploads%2F2024%2F02%2Fwatermark-tos%252Ejpg%2Cimage%3Awidth.732%2Cimage%3Aheight.366%2Cimage%3Atype.image%2Fjpeg;ses=53456af0-24ff-43ea-b468-a48b1695576d;mdl=

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.184.68.254 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:43 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["RGFKF2zYP558quZHzBc/QA=="],"pcode":["p-6Fv0cGNfc_bw8"]}],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
279 B 1393ms
119ms Fetch
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a7e48af236c5f6c5f2df4979468402d19a339025df6b8dff5d15ec969cb9dc4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://tribuneonlineng.com
date: Tue, 13 Aug 2024 19:10:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6E42 0
0 106ms
105ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPTZ0W2fxHE3r7R1Ce4FxwK2uns1t38Ck8JliD3KG2X937afIZB9BXBo4yaSfIUhKRWB2MmFlcTqkxbLaQNJSikS9yWSeFE8osXUb5TH4YgY6c-Xju1RE-o03p_Wi7sAkrbalXeyOeKbOIjiLiVA4YpwbAbPTIFYp4xFfJ5cLgZ7BfVmrqhr8FeAHQOki2_JnYVDbNAMaa8CurjFrOt1z50Ve3CsJbwkzp1xWE4BhH-YIBo3A2IMRvkTsBR07m0JUnVhXBiHc9OGqOSTuxcPLgRE0oYiUzLJHSMEtca9p5arIAjfAdx71IQMPbQxjCTUxBXxYIXdcLZAw8Cuo8HaY&sai=AMfl-YRLh8Cx-UiJ7S_7afLDw9sbPclOA8jXIFZMh53rtNBfBZDXxF3bbwwGA7n--NjuTf-JtdGP-iy9_yg6uIEKOKMD2ggEftpisLH75fd-oOqHwo5q4r_VxwQNn9ZX0xY8o1ImCyB5Jzes3u69Mj3Ddzvr&sig=Cg0ArKJSzMyM_DDq9gBsEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Aug 2024 19:10:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240812/r20110914/ Frame 6E42 23 KB
9 KB 358ms
33ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240812/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.161 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

cafe /

Resource Hash

5fe8c68f318aa1e9cb2cfe4be20519c3f7bf75564b9ba3e9822e0d93fe4b7491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 14:30:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 15499051073851929161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Aug 2024 14:30:03 GMT

GET
H2 200 f5b40f3e552e3126e02e.js Show response
lib.wtg-ads.com/publisher/tribuneonlineng.com/ Frame 6E42 68 KB
21 KB 351ms
32ms Script
application/javascript 172.67.70.115
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lib.wtg-ads.com/publisher/tribuneonlineng.com/f5b40f3e552e3126e02e.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.70.115 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea90346dcacd7d04a7b9fe800dd3e5d90d29c94fd382dc9ed63c3f1ab1c0abe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1159118
x-visitor-country: CA
last-modified: Mon, 11 Jul 2022 11:33:08 GMT
server: cloudflare
etag: W/"62cc0a74-10f87"
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9lxF0EHPGyHEX5yGgpkOQQeiUcIMBUNlA7IxJdtP26TLeQixqlMegrrfuhmri%2Btm6ETxl62sQpuAUIcRKdHacDgU0XO9Q6qwBu%2FeEX2M0ZbyLeiLrHA%2BLkriszh4St5Wgg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=10800
access-control-allow-credentials: true
vary: Accept-Encoding
cf-ray: 8b2b01c95e5736c7-YYZ
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Wed, 31 Jul 2024 12:12:06 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6E42 204 KB
63 KB 34ms
34ms Script
text/javascript 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

4d20e34d7517ba277214444e8f314c7b75141eb1979493453252daa941808ab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 18:33:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64804
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 19:33:22 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E42 0
0 104ms
103ms Fetch
image/gif 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6E42 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9f79a16363180bbc16ecbe1bd04d3d425f6951f9f760c9b7e2a0448c5c5edde

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/ 172 KB
58 KB 82ms
64ms Script
text/javascript 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

1ca09a3bde2b888d5d9bcf4d3dec7339b44d7c8dbd2307c44de8703cb463931e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59073
x-xss-protection: 0
server: cafe
etag: 18018378258611825708
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 19:10:37 GMT

GET
H3 200 css
fonts.googleapis.com/ 1 KB
477 B 60ms
60ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

bfcaee8a4841c64ac98a707cbec70724c087818e57a7edac2be17f77e98fdbe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 19:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 19:10:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 19:10:37 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
681 B 58ms
58ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500%2C700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

b4473b64e52f4f46349205e22678640b524886934381c02577b6a46cd85d9cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 19:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 18:15:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 19:10:37 GMT

GET
H3 200 css2
fonts.googleapis.com/ 656 B
413 B 58ms
58ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

be7997f03a604942571d3a2c77417c652e06c89937dc9074d90ce86c7c8ab370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 19:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 19:10:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 19:10:37 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
681 B 98ms
98ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

b4473b64e52f4f46349205e22678640b524886934381c02577b6a46cd85d9cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 19:10:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 18:31:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 19:10:37 GMT

GET
H2 200 HhzZU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1d8Yp7AudBnt3CPar1JFWjoLAUv3G-tSXmA.woff2
fonts.gstatic.com/s/googlesymbols/v287/ 709 KB
710 KB 44ms
41ms Font
font/woff2 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesymbols/v287/HhzZU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1d8Yp7AudBnt3CPar1JFWjoLAUv3G-tSXmA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

33871ff7da632afdb1e0f6b2de1bdba9a8e88c51ae367cafa9c46f97ce14d437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tribuneonlineng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 17:43:16 GMT
x-content-type-options: nosniff
age: 523641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 726228
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 21:39:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 17:43:16 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 104ms
102ms Image
image/gif 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31084127%2C31085989%2C95334526%2C95334829%2C95337869%2C95336267%2C31078663%2C31078668%2C31078670&hl=en&pvc=854555491355164

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 105ms
104ms Fetch
text/html 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240812/r20110914/ Frame B7C0 0
0 2ms
2ms Document
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240812/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 14507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4141
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 15:08:49 GMT
etag: 3784890935487277381
expires: Tue, 27 Aug 2024 15:08:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 12.json Show response
id5-sync.com/g/v2/ 631 B
1 KB 655ms
653ms Fetch
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a8c73e2e12f60499d73553867b08ab84da300b908bf176d673876106587219c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 13 Aug 2024 19:10:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://tribuneonlineng.com
content-type: application/json
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 fire.js Show response
s.cpx.to/ 58 B
247 B 394ms
110ms Fetch 54.155.6.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=12761&url=https%3A%2F%2Ftribuneonlineng.com%2F&hn_ver=78&fid=d83b5b4e-69ee-4822-ab6a-444ca6bebd3f&dsp=TTD&dsp_uid=e4210c60-f630-43f1-8369-19aebd26c953
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.6.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-6-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 825251521b9d0ce3b3be8ba781dd01984c3dbaa67c2c10d86a378c2d327c3f5f

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tribuneonlineng.com
date: Tue, 13 Aug 2024 19:10:39 GMT
access-control-allow-credentials: true
p3p: CP="NOI DEV ADM"
content-length: 58
vary: Origin
expires: Tue, 13 Aug 2024 19:10:39 GMT

POST
H2 200 fire.js Show response
s.cpx.to/ 58 B
246 B 340ms
111ms Fetch 54.155.6.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=12967&url=https%3A%2F%2Ftribuneonlineng.com%2F&hn_ver=78&fid=de8933c8-f168-4972-bbac-f02c00774446&dsp=TTD&dsp_uid=e4210c60-f630-43f1-8369-19aebd26c953
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12967/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.6.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-6-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 825251521b9d0ce3b3be8ba781dd01984c3dbaa67c2c10d86a378c2d327c3f5f

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://tribuneonlineng.com
date: Tue, 13 Aug 2024 19:10:39 GMT
access-control-allow-credentials: true
p3p: CP="NOI DEV ADM"
content-length: 58
vary: Origin
expires: Tue, 13 Aug 2024 19:10:39 GMT

GET
H/1.1 204
No Content token
pixel.rubiconproject.com/ 0
1 KB 168ms
44ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/token?pid=34010&customParamenters
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
Expires: 0

GET
H2

204

sync
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
https://s.cpx.to/sync?dsp_uid=CAESEKnmSmhoeeDoKUrvqKK5yOQ&dsp=dbm&google_cver=1

0
206 B

112ms
112ms

Image
text/plain

54.155.6.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp_uid=CAESEKnmSmhoeeDoKUrvqKK5yOQ&dsp=dbm&google_cver=1
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Server: 54.155.6.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-6-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
date: Tue, 13 Aug 2024 19:10:46 GMT
expires: Tue, 13 Aug 2024 19:10:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.cpx.to/sync?dsp_uid=CAESEKnmSmhoeeDoKUrvqKK5yOQ&dsp=dbm&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

fire.js
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12761%26url%3Dhttps%253A%252F%252Ftribuneonlineng.com%252F%26hn_ver%3D78%26fid%3Dd83b5b...
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=123673216718909832&pid=12761&url=https%3A%2F%2Ftribuneonlineng.com%2F&hn_ver=78&fid=d83b5b4e-69ee-4822-ab6a-444ca6bebd3f&dsp=TTD&dsp_uid=e4210c60-f630...

48 B
48 B

113ms
112ms

Image
text/plain

54.155.6.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=123673216718909832&pid=12761&url=https%3A%2F%2Ftribuneonlineng.com%2F&hn_ver=78&fid=d83b5b4e-69ee-4822-ab6a-444ca6bebd3f&dsp=TTD&dsp_uid=e4210c60-f630-43f1-8369-19aebd26c953
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Server: 54.155.6.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-6-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Tue, 13 Aug 2024 19:10:45 GMT
date: Tue, 13 Aug 2024 19:10:45 GMT
content-length: 48
p3p: CP="NOI DEV ADM"

Redirect headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:45 GMT
an-x-request-uuid: 3bb64fba-087b-4bbe-8b2a-1863236afeb8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=123673216718909832&pid=12761&url=https%3A%2F%2Ftribuneonlineng.com%2F&hn_ver=78&fid=d83b5b4e-69ee-4822-ab6a-444ca6bebd3f&dsp=TTD&dsp_uid=e4210c60-f630-43f1-8369-19aebd26c953
x-proxy-origin: 178.249.214.139; 178.249.214.139; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=F47D6B2C-F4EF-45EF-9038-3E27D3A4AE85

0
216 B

113ms
112ms

Image
text/plain

54.155.6.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=F47D6B2C-F4EF-45EF-9038-3E27D3A4AE85
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Server: 54.155.6.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-6-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
date: Tue, 13 Aug 2024 19:10:46 GMT
expires: Tue, 13 Aug 2024 19:10:46 GMT

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=F47D6B2C-F4EF-45EF-9038-3E27D3A4AE85
date: Tue, 13 Aug 2024 19:10:46 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

fire.js
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12967%26url%3Dhttps%253A%252F%252Ftribuneonlineng.com%252F%26hn_ver%3D78%26fid%3Dde8933...
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=123673216718909832&pid=12967&url=https%3A%2F%2Ftribuneonlineng.com%2F&hn_ver=78&fid=de8933c8-f168-4972-bbac-f02c00774446&dsp=TTD&dsp_uid=e4210c60-f630...

44 B
44 B

129ms
128ms

Image
text/plain

54.155.6.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=123673216718909832&pid=12967&url=https%3A%2F%2Ftribuneonlineng.com%2F&hn_ver=78&fid=de8933c8-f168-4972-bbac-f02c00774446&dsp=TTD&dsp_uid=e4210c60-f630-43f1-8369-19aebd26c953
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Server: 54.155.6.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-6-103.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Tue, 13 Aug 2024 19:10:46 GMT
date: Tue, 13 Aug 2024 19:10:46 GMT
content-length: 44
p3p: CP="NOI DEV ADM"

Redirect headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:46 GMT
an-x-request-uuid: 9e739c3d-a7af-4957-bc45-5fb6c043b803
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=123673216718909832&pid=12967&url=https%3A%2F%2Ftribuneonlineng.com%2F&hn_ver=78&fid=de8933c8-f168-4972-bbac-f02c00774446&dsp=TTD&dsp_uid=e4210c60-f630-43f1-8369-19aebd26c953
x-proxy-origin: 178.249.214.139; 178.249.214.139; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 51ms
49ms Fetch
text/plain 142.251.40.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-8SFJTPHHCP&gtm=45je4880v885589874za200zb890329046&_p=1723576231184&gcs=G1--&gcd=13l3l3l3l5&npa=0&dma=0&tcfd=1000g&tag_exp=0&cid=1504960400.1723576235&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&sid=1723576234&sct=1&seg=0&dl=https%3A%2F%2Ftribuneonlineng.com%2F&dt=Breaking%20News%2C%20Latest%20News%2C%20Politics%2C%20Entertainment%20-%20Tribune%20Online&_s=2&tfd=13362
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8SFJTPHHCP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s38-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
614 B 82ms
63ms XHR
application/json 54.173.65.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.65.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-65-180.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 1df20f7a0153a12d8d906bdc5eb34242ee14ffedc4287d792d26b7707d036041

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:42 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-cache
x-server: 10.40.53.174
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 syncframe
gum.criteo.com/ Frame 4900 0
0 354ms
38ms Document
text/html 74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=tribuneonlineng.com&gdpr=0&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 19:10:43 GMT
server: Kestrel
server-processing-duration-in-ticks: 382158
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6E42 0
0 173ms
103ms Fetch
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstB1swv3HhIIPV06Hd4ysRYTdY6jYOvu5x0uyHYAUNKwKmJWjgtOQg5_I2Lo-nNY3L5Xv91yF8dtCmf3_IOGqWUqQqgT21oEaCpIPuyKy1mPtt9mtZkdyIY2ta07z5TnaPVapRdQWglsrVFywsjbmF8NF6BEdyMgLbLduEq7X2IAjSXRf9I0sGsIGdOtjuZ0B2KAHxLs98x10Pbn8YtXvcBjTvHmRT8T4LsHBadr5ZuRSzR3EcoYmwlErVGCYfYUlSnpb88yVGCi8YUEBrMG7sb37ZgsrPNqIgA1c9sq-aB6nY9IW2YSyko2tl1-_BAFZwBori7pW9IyCO3pbXYbVEgxQ&sai=AMfl-YROjS5C6onFvCGVE5sPLztdh1Y5qAiGo65Y9jDaNHsCUgp-4sPy3Hmq_NAPyCsoCPuS1C0T56j_8xrAIHUS9cClSmzVeBGV2cj17cs5N-FMqfdYjXvR0e5SisZEKAUVMRs0MEye50f0g6yrX4Oz3mfP&sig=Cg0ArKJSzPdFJRpLe-WNEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Aug 2024 19:10:44 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Ftribuneonlineng.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Ftribuneonlineng.com%2F&rid=esp&cc=1

85 B
194 B

50ms
47ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ftribuneonlineng.com%2F&rid=esp&cc=1
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 306106e1e85225b706439420771632332be67ebca40b24407a331d9c8c72aec7

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:45 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-3KnsXrw6PWbdRAqDA/EQTJi4Buw"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribuneonlineng.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 13 Aug 2024 19:10:45 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://tribuneonlineng.com
location: /esp?url=https%3A%2F%2Ftribuneonlineng.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6E42 42 B
65 B 103ms
102ms Fetch
image/gif 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZTwgL2BAIj_7ADhdrx5ai2_1GsfoCYeFGPCGZfqNFnJwwKWcIuqusGj7rVvMORr_gViqlIhTHNwwiDWj8LAzjNuacptWB16oIFJ8-9IkrUxVGYSewInkPhRLxqyfXnzs9WiroAuiFe9WXnogPjGDSYjGReRL4C3c&sig=Cg0ArKJSzE8LUVudZ0WlEAE&id=lidar2&mcvt=1000&p=789,240,790,980&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240812&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=134664576&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1950903700&rst=1723576237084&rpt=7657&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd
google-bidout-d.openx.net/w/1.0/ Frame E7F7 0
0 101ms
45ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 453
content-type: text/html
date: Tue, 13 Aug 2024 19:10:46 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 impress Show response
ad.vidverto.io/delivery/ 56 KB
19 KB 262ms
262ms XHR
application/json 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=tribuneonlineng.com&pzoneid=7238&in_iframe=&position=btf&screen_width=1600&screen_height=1200&top_domain=tribuneonlineng.com&top_url=https%3A%2F%2Ftribuneonlineng.com%2F&domain=tribuneonlineng.com&url=https%3A%2F%2Ftribuneonlineng.com%2F&referrer=&async=1&uid=9418968299&gdpr=0&gdpr_consent=
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cc25b02d300d03387f33cf4da0afac85cb3c141b9f7cd03d82f8a33d60b79acc

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://tribuneonlineng.com
date: Tue, 13 Aug 2024 19:10:47 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 /
onetag-sys.com/usync/ Frame 8A8F 0
0 40ms
38ms Document
text/html 51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 vidvertoplayer_test.js Show response
ad.vidverto.io/vidverto/player/ 85 KB
27 KB 234ms
231ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer_test.js
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c3662f85134bcc90f554f3ebcbece0418b7a2ecb6b47c12f926e7fe71a88200f

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:48 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 15:30:43 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"667ae2a3-15285"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 13 Aug 2024 20:10:48 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 420 KB
144 KB 139ms
56ms Script
text/javascript 142.251.40.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.106 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f10.1e100.net

Software

sffe /

Resource Hash

9f50282672379046897b4fdc29ebb341e1bca0e4c2eb89c8436f1ba51f97270e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146916
x-xss-protection: 0
expires: Tue, 13 Aug 2024 19:10:48 GMT

GET
H2 200 inview.min.js Show response
ad.vidverto.io/js/ima2/2/ 5 KB
2 KB 346ms
343ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:48 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-1389"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 13 Aug 2024 20:10:48 GMT

GET
H2 200 vast-client.min.js Show response
ad.vidverto.io/js/ima2/2/ 61 KB
13 KB 461ms
459ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/vast-client.min.js?correlator=6bb88f05853be55381de051ebc540c4c
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7a3625ca28eed364415c0e5d8ec730d208ee638cc873942bf58761946cf6c524

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:48 GMT
content-encoding: gzip
last-modified: Wed, 03 Jul 2024 10:19:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"668525c8-f45b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 13 Aug 2024 20:10:48 GMT

GET
H2 200 ima.min.js Show response
ad.vidverto.io/js/ima2/2/ 90 KB
23 KB 461ms
459ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=6bb88f05853be55381de051ebc540c4c
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cdd44ad6f154d53357ab907d83df44d2e85636ae2f9afffd2b58c1b361625409

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:48 GMT
content-encoding: gzip
last-modified: Fri, 02 Aug 2024 11:24:41 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"66acc1f9-16733"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 13 Aug 2024 20:10:48 GMT

GET
H2 200 prebid.js Show response
ad.vidverto.io/js/achernar/ 373 KB
118 KB 461ms
459ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/achernar/prebid.js
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 980701e6d74df703be32ecbab7ede2ecbd6a8d3b94104d005b0a691287744cea

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:48 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 04:35:15 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"66385e03-5d3c1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 13 Aug 2024 20:10:48 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/162534/8426/ 216 KB
66 KB 183ms
107ms Script
application/javascript 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/162534/8426/pwt.js
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1f261fd4337804e9395a30a0deb5d60ae01da8781114b867f02e20de47d1dfd

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:48 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 14:02:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=20006
accept-ranges: bytes
content-length: 66881
expires: Wed, 14 Aug 2024 00:44:14 GMT

GET
H2 200 invocation.min.css
ad.vidverto.io/vidverto/ 3 KB
850 B 459ms
458ms Stylesheet
text/css 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/invocation.min.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:48 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 16:53:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5fac1711-a0a"
vary: Accept-Encoding
content-type: text/css

GET match
a4p.adpartner.pro/ssp/ 0
0

GET
H2

200

sync
ad.vidver.to/delivery/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=&gdpr=0&gdpr_consent=
https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dprodoohmox%26user_id%3D%40%40CRITEO_USERID%40%40
https://x.bidswitch.net/sync?dsp_id=462&ssp=prodoohmox&user_id=k-IddJIUD_yLeaWMX1P6rFCimfcn-8ZEgOwfL95g&gdpr=0&gdpr_consent=
https://ad.vidver.to/delivery/v2/sync?userid=d8361303-31de-442c-b1be-bdae2ea5e13b&p_id=15

0
154 B

622ms
285ms

Image
text/plain

175.110.113.216
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/v2/sync?userid=d8361303-31de-442c-b1be-bdae2ea5e13b&p_id=15
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Server: 175.110.113.216 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-216.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:50 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

Location: //ad.vidver.to/delivery/v2/sync?userid=d8361303-31de-442c-b1be-bdae2ea5e13b&p_id=15
Date: Tue, 13 Aug 2024 19:10:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 favicon-16px.png
ad.vidverto.io/images/ 900 B
1 KB 451ms
450ms Image
image/png 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/images/favicon-16px.png
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:48 GMT
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ee0f3c3-384"
content-type: image/png
cache-control: max-age=604800, public, max-age=604800
accept-ranges: bytes
content-length: 900
expires: Tue, 20 Aug 2024 19:10:48 GMT

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
373 B 55ms
54ms XHR
application/json 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Ftribuneonlineng.com%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

a42f08f5f6e6625c00c35488c20fb71bb7f871b2da70d43203651509c08abe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
expires: Tue, 13 Aug 2024 19:10:48 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 1609ms
20ms Fetch
application/json 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240813

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8f7e30c3953aa27bb92fce436ba224d37c293d824d6ad9ed56a9e00f57109fdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Aug 2024 19:10:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 11401
x-jsd-version: 1.0.2147
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 845
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4552-YYZ
x-jsd-version-type: version
etag: W/"634-IbCw9Xdj3tgiiWW2Zt9naJZYojU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
416 B 1265ms
175ms Fetch
application/json 51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://tribuneonlineng.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

GET
H2 200 video_playlist.js Show response
ad.vidverto.io/vidverto/player/ui/js/ 112 KB
32 KB 234ms
233ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1705819415
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer_test.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:51 GMT
content-encoding: gzip
last-modified: Mon, 30 Oct 2023 17:37:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"653fe9e1-1bee3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 13 Aug 2024 20:10:51 GMT

GET
H2 200 video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 61 KB
9 KB 463ms
463ms Stylesheet
text/css 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1705819415
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer_test.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:51 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 22:32:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"603c1a08-f52f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 bridge3.658.1_en.html
imasdk.googleapis.com/js/core/ Frame A8E6 0
0 102ms
33ms Document
text/html 142.251.40.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.658.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.106 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f10.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 335033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 258422
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Aug 2024 22:06:58 GMT
expires: Sat, 09 Aug 2025 22:06:58 GMT
last-modified: Fri, 09 Aug 2024 22:02:30 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 381ms
47ms Script
text/javascript 142.251.40.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.198 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Aug 2024 19:10:51 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6418 40 KB
14 KB 35ms
34ms Script
text/javascript 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 18:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13943
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 13 Aug 2024 19:37:58 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/mkh5Fdrfn2VOBZQRmSlJAg:1723579847/1078/video/2685/ 48 KB
0 764ms
121ms Media
video/mp4 175.110.113.200
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/mkh5Fdrfn2VOBZQRmSlJAg:1723579847/1078/video/2685/480_650.mp4
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.200 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-200.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 13 Aug 2024 19:10:51 GMT
Last-Modified: Wed, 28 Sep 2022 10:45:06 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "633425b2-7acb77"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-8047478/8047479
Connection: keep-alive
Content-Length: 8047479

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 18 KB
18 KB 42ms
42ms Font
font/woff2 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1705819415

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://tribuneonlineng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 02:20:46 GMT
x-content-type-options: nosniff
age: 492605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18684
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:24:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Aug 2025 02:20:46 GMT

GET
H3 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 19 KB
19 KB 36ms
36ms Font
font/woff2 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1705819415

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://tribuneonlineng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 02:00:28 GMT
x-content-type-options: nosniff
age: 493823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18956
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Aug 2025 02:00:28 GMT

GET
H2 200 logo.svg
ad.vidverto.io/vidverto/player/ 414 B
551 B 116ms
115ms Image
image/svg+xml 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/player/logo.svg
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:51 GMT
last-modified: Wed, 04 May 2022 14:39:21 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "62729019-19e"
content-length: 414
content-type: image/svg+xml

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 420 KB
0 0ms
0ms Script
text/javascript 142.251.40.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer_test.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.106 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f10.1e100.net

Software

sffe /

Resource Hash

9f50282672379046897b4fdc29ebb341e1bca0e4c2eb89c8436f1ba51f97270e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146916
x-xss-protection: 0
expires: Tue, 13 Aug 2024 19:10:48 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/mkh5Fdrfn2VOBZQRmSlJAg:1723579847/1078/video/2685/ 0
0 558ms
121ms Media
video/mp4 175.110.113.200
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/mkh5Fdrfn2VOBZQRmSlJAg:1723579847/1078/video/2685/480_650.mp4
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.200 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-200.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 13 Aug 2024 19:10:52 GMT
Last-Modified: Wed, 28 Sep 2022 10:45:06 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "633425b2-7acb77"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-8047478/8047479
Connection: keep-alive
Content-Length: 8047479

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
0 0ms
0ms XHR
application/json 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Ftribuneonlineng.com%2F

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

a42f08f5f6e6625c00c35488c20fb71bb7f871b2da70d43203651509c08abe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
expires: Tue, 13 Aug 2024 19:10:48 GMT

GET
H2 200 bridge3.658.1_en.html
imasdk.googleapis.com/js/core/ Frame C0AD 0
0 0ms
0ms Document
text/html 142.251.40.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.658.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.106 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f10.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 335033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 258422
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Aug 2024 22:06:58 GMT
expires: Sat, 09 Aug 2025 22:06:58 GMT
last-modified: Fri, 09 Aug 2024 22:02:30 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A5A3 40 KB
0 35ms
34ms Script
text/javascript 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 18:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13943
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 13 Aug 2024 19:37:58 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/mkh5Fdrfn2VOBZQRmSlJAg:1723579847/1078/video/2685/ 115 KB
115 KB 457ms
116ms Media
video/mp4 175.110.113.200
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/mkh5Fdrfn2VOBZQRmSlJAg:1723579847/1078/video/2685/480_650.mp4
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.200 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-200.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0dfe89b778beefffb4b89ddb9fcf686591ac6a27149ce9f14c8c63bfff562830

Request headers

Referer: https://tribuneonlineng.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=7929856-

Response headers

Date: Tue, 13 Aug 2024 19:10:52 GMT
Last-Modified: Wed, 28 Sep 2022 10:45:06 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "633425b2-7acb77"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 7929856-8047478/8047479
Connection: keep-alive
Content-Length: 117623

GET 480_650.mp4
cdn.vidverto.io/secured2/mkh5Fdrfn2VOBZQRmSlJAg:1723579847/1078/video/2685/ 0
0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 101ms
100ms Fetch
text/html 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/mkh5Fdrfn2VOBZQRmSlJAg:1723579847/1078/video/2685/ 65 KB
0 118ms
116ms Media
video/mp4 175.110.113.200
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/mkh5Fdrfn2VOBZQRmSlJAg:1723579847/1078/video/2685/480_650.mp4
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.200 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-200.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=32768-

Response headers

Date: Tue, 13 Aug 2024 19:10:53 GMT
Last-Modified: Wed, 28 Sep 2022 10:45:06 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "633425b2-7acb77"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 32768-8047478/8047479
Content-Length: 8014711

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ 71 KB
22 KB 164ms
34ms Script
application/javascript 172.67.75.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4021ac3b8dc8bfabb47c753df4e2d8850b084512a751375711da648e65ee2a5c

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:53 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 24 Jul 2024 09:04:04 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1764313
ETag: W/"5d2d2036b561962f40bb380b9e37a03c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UwkeoyMICIvDKbb%2BoQEAd6NbG5dsXVnNtVoojP0nvwvIVjXM7XmNXTJcW4x8Gr12KIjoiwva8frZNuX30hjWRmwHNayOCngFOAFvdiylJ%2BQoNQX5umMSZlsT54FtopKj"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 8b2b02032e7cac0c-YYZ

POST
H/1.1 200
OK s Show response
kvt.sddan.com/api/v1/public/p/29567/d/50/ 3 KB
1 KB 341ms
110ms Fetch
application/json 51.158.29.13
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&allowed_post_content=true&url=https%3A%2F%2Ftribuneonlineng.com%2F

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

online-prod.ipsfailover.com

Software

nginx/1.20.2 /

Resource Hash

afb71d89e3c34e4cefbf5a6664718b5d8adb820f3907b5929f7f23b240e43874

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 13 Aug 2024 19:10:54 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tribuneonlineng.com
Cache-Control: private, max-age=60
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 50 B
1 KB 86ms
84ms Fetch
application/json 68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.184 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:53 GMT
an-x-request-uuid: d3e4af3a-d265-4408-b3fb-209b0d206eb1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.249.214.139; 178.249.214.139; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 50
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 / Show response
shb.richaudience.com/hb/ 0
234 B 1233ms
427ms Fetch
text/html 208.115.237.110
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.115.237.110 Los Angeles, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: 110-237-115-208.static.reverse.lstn.net
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 19:08:31 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://tribuneonlineng.com
access-control-allow-credentials: true

POST bid
s.seedtag.com/c/hb/ 0
0

POST /
ghb.adtelligent.com/v2/auction/ 0
0

POST
H2 204 translator Show response
prebid.pubmatic.com/ 0
115 B 154ms
57ms Fetch 207.65.32.76
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.pubmatic.com/translator?source=prebid-client
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.32.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://tribuneonlineng.com
date: Tue, 13 Aug 2024 19:10:54 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 628 B
615 B 1331ms
34ms Fetch
text/html 104.22.63.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=97152&adid=31&formatid=39287&size=desktop
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.63.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: e3072e1fb5d3b9602201430bf5adaddd2d962b201e104bd11861cadc7c518308

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 19:10:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2024 04:01:11 GMT
server: cloudflare
age: 51429
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=259200
cf-ray: 8b2b020adc7fac54-YYZ
apigw-requestid: cbcVOgiRDoEEPNA=

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
8 KB 356ms
354ms Fetch
application/json 68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.184 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

93671f1ace47c42d97111d1d503b3f2f90b5f2dedb129fbc9221e83925a267a9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:54 GMT
content-encoding: gzip
an-x-request-uuid: 181bffc8-a620-44e7-9def-3168678b3512
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.249.214.139; 178.249.214.139; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST /
b1h.zemanta.com/api/bidder/prebid/bid/ 0
0

POST /
prebid.smilewanted.com/ 0
0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 441 B
652 B 1280ms
141ms Fetch
application/json 69.173.146.10
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=38330&zone_id=1078232&size_id=55&alt_size_ids=57%2C58%2C125&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,90911,1,,,&eid_id5-sync.com=ID5*HpLxv_9EEtif5CzNJKn-N3Ikff2WRa3sXZZ18CePoV66ZVhMK5vTRFoiNoQGhDgV%5E1%5E2&eid_pubcid.org=62519805-023d-4845-96f5-0464bda5afd2%5E1&rf=https%3A%2F%2Ftribuneonlineng.com&kw=97152&tg_i.domain=tribuneonlineng.com&tg_i.page=https%3A%2F%2Ftribuneonlineng.com%2F&tg_i.name=tribuneonlineng.com&tg_i.siteid=97152&tg_i.placement=31&tg_i.divId=sas_39287&tg_i.pbadslot=sas_39287&tk_flint=pbjs_lite_v9.6.0&x_source.tid=169e8a7d-9273-4a25-8863-737fbc998434&l_pb_bid_id=220767e3b10da0e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=b444fe66-e90b-4612-bc5a-a2da699da143&rp_maxbids=1&p_gpid=%2F97152%2Ftribuneonlineng.com%2Fdesktop%2F39287&m_ch_mobile=%3F0&slots=1&rand=0.09466875504229644
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.146.10 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ff0bc02ed9d54e8424f2fa773f2077ed1ab53e118817514269d17dc716b6f9af

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:55 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 441
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
415 B 231ms
229ms Fetch
application/json 51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://tribuneonlineng.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST c
prebid.a-mo.net/a/ 0
0

POST prebidjs
rtb.openx.net/openrtbb/ 0
0

POST prebid
mp.4dex.io/ 0
0

POST auction
tlx.3lift.com/header/ 0
0

POST request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 0
0

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
239 B 86ms
28ms Script
application/javascript 104.18.23.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.23.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:54 GMT
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
server: cloudflare
age: 0
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray: 8b2b0203dd84abc4-YYZ
content-length: 3

GET
H2 200 /
onetag-sys.com/usync/ Frame C3E6 0
0 289ms
289ms Document
text/html 51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1723576251182&us_privacy=1---

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
316 B 166ms
111ms Fetch
image/gif 35.241.34.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?org_id=1015&site=97152-tribuneonlineng-com&v=1&pbjsv=9.6.0&pv_id=c99e0aed-4b40-48b8-8536-241fc1866b5e&auct_id=452bedbe-3c04-4ada-b784-9a5f19cfb2f6&adu_code=39287&url_dmn=tribuneonlineng.com&mts=ban&ban_szs=1000x30%2C1000x90%2C800x250%2C900x250%2C950x250%2C970x250%2C970x90&bdrs=adagio%2Cadtelligent%2Camx%2Cblueroostermedia%2Ccriteo%2Cgingerad%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Cpubmatic%2Crichaudience%2Crubicon%2Cseedtag%2Csmilewanted%2Ctriplelift&plcmt=31&s_id=0be28f5b-7530-481e-ac29-0dad94ab7bf4&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&adg_mts=ban
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 19:10:54 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

POST
H2 204 e
1x1.a-mo.net/ 0
0 134ms
40ms Fetch 3.220.246.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://1x1.a-mo.net/e
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.246.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-246-207.compute-1.amazonaws.com
Software: MonetEngine /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Aug 2024 19:10:56 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine
vary: accept-encoding

GET
H2 204 timeout
s.seedtag.com/se/hb/ 0
284 B 129ms
61ms Image
text/plain 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.seedtag.com/se/hb/timeout?publisherToken=1039-6760-01&adUnitId=33711167&timeout=3000
Requested by: Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:56 GMT
via: 1.1 google
access-control-allow-credentials: true
server: openresty
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD

GET
H2 200 pba.gif Show response
c.4dex.io/ 43 B
97 B 113ms
111ms Fetch
image/gif 35.241.34.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?org_id=1015&site=97152-tribuneonlineng-com&v=2&pbjsv=9.6.0&pv_id=c99e0aed-4b40-48b8-8536-241fc1866b5e&auct_id=452bedbe-3c04-4ada-b784-9a5f19cfb2f6&adu_code=39287&url_dmn=tribuneonlineng.com&mts=ban&ban_szs=1000x30%2C1000x90%2C800x250%2C900x250%2C950x250%2C970x250%2C970x90&bdrs=adagio%2Cadtelligent%2Camx%2Cblueroostermedia%2Ccriteo%2Cgingerad%2Cmoneytizer%2Conetag%2Copenx%2Coutbrain%2Cpubmatic%2Crichaudience%2Crubicon%2Cseedtag%2Csmilewanted%2Ctriplelift&plcmt=31&s_id=0be28f5b-7530-481e-ac29-0dad94ab7bf4&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&adg_mts=ban&bdrs_bid=0%2C0%2C0%2C0%2C0%2C1%2C1%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C%2C%2C%2C%2C%2C0%2C%2C%2C%2C%2C%2C%2C%2C%2C&dom_i=5704
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 19:10:57 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

POST
H/1.1 200
OK s Show response
kvt.sddan.com/api/v1/public/p/29567/d/50/ 3 KB
1 KB 112ms
110ms Fetch
application/json 51.158.29.13
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&allowed_post_content=true&url=https%3A%2F%2Ftribuneonlineng.com%2F

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.158.29.13 Paris, France, ASN12876 (Online SAS, FR),

Reverse DNS

online-prod.ipsfailover.com

Software

nginx/1.20.2 /

Resource Hash

afb71d89e3c34e4cefbf5a6664718b5d8adb820f3907b5929f7f23b240e43874

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 13 Aug 2024 19:10:58 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tribuneonlineng.com
Cache-Control: private, max-age=60
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 213 B
268 B 41ms
28ms Fetch
text/html 104.22.63.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=97152&adid=6&formatid=26328&size=desktop
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.63.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.17
Resource Hash: f726950d59b401eb5428d09e0db746e16235d45a351934c5ab6ce7a010ffd401

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 19:10:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2024 04:01:11 GMT
server: cloudflare
age: 51432
x-powered-by: PHP/8.2.17
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=259200
cf-ray: 8b2b0221f9e2ac54-YYZ
apigw-requestid: cbcVOiGMjoEEPkg=

POST
H2 204 request Show response
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 0
554 B 210ms
133ms Fetch 74.119.117.9
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.6.0&cb=50714953399&lsavail=1&bundle=NuvycF9ha3hNTCUyQlc3RUdOME5lNzNBQWVEV1d4R3Z6MyUyQjZuTnVSd3l2Yno1ODRMWElDQkFnaURXV25vTXdwWXoxYVgydVZrR0dDTHB1VzVkWkNtajFqMFFiJTJCOHlFZVpUWjklMkJPblAxRENGTjFkaXF1QU9pdGl5NXJzU1pKWHdscGgyR2FoTTVZaUpsJTJCb1VkNU5WVk5nVSUyRjBaa0h4WU5KU0hVNU55ckhhQU45RFBVOHclM0Q

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://tribuneonlineng.com
date: Tue, 13 Aug 2024 19:10:58 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 5 KB
2 KB 363ms
270ms Fetch
application/json 23.227.151.194
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.151.194 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: f5691575665cba6ca2c73f214b5cec3a85c518d68eb2a75111c4a405038783cc

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 13 Aug 2024 19:10:58 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://tribuneonlineng.com
Access-Control-Allow-Credentials: true
Permissions-Policy: browsing-topics=()
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 1576

POST
H2 200 c Show response
prebid.a-mo.net/a/ 1 KB
1 KB 79ms
68ms Fetch
application/json 147.28.129.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 25c151bdbb4b3037e448d67776ebb223f1f930f4629ff39f495320814bf86bcd

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 19:10:57 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribuneonlineng.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 497

POST
H/1.1 403
Forbidden / Show response
bid.missena.io/ 9 B
268 B 169ms
40ms Fetch
text/plain 54.158.194.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.missena.io/?t=PA-62589382
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.194.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-194-159.compute-1.amazonaws.com
Software: /
Resource Hash: 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://tribuneonlineng.com
Date: Tue, 13 Aug 2024 19:10:59 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 9
Vary: Origin
Content-Type: text/plain; charset=utf-8

POST
H2 200 / Show response
shb.richaudience.com/hb/ 0
233 B 351ms
342ms Fetch
text/html 208.115.237.110
LIMESTONENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 208.115.237.110 Los Angeles, United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS: 110-237-115-208.static.reverse.lstn.net
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 19:08:35 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://tribuneonlineng.com
access-control-allow-credentials: true

POST
H2 204 translator Show response
prebid.pubmatic.com/ 0
59 B 46ms
33ms Fetch 207.65.32.76
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.pubmatic.com/translator?source=prebid-client
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.32.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://tribuneonlineng.com
date: Tue, 13 Aug 2024 19:10:58 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
334 B 408ms
400ms Fetch 104.22.31.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.31.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://tribuneonlineng.com
cache-control: private, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2b02220b0f36cf-YYZ
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: -1

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 14 KB
7 KB 280ms
272ms Fetch
application/json 68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.184 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

3096be63696da890106d11e2b2b51a503bfcb5be4e3fd8469b44ac484521fde0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:59 GMT
content-encoding: gzip
an-x-request-uuid: dd61493d-71f0-4b49-a5b1-ba193abfd047
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.249.214.139; 178.249.214.139; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
367 B 209ms
198ms Fetch
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: b23b140c0142cea5ec07534929ed6ef65c0bcfbf1a9fec9c0d1b8c14722f95e0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 19:10:58 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
x-forwarded-for: 178.249.214.139
content-type: text/plain
access-control-allow-origin: https://tribuneonlineng.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid Show response
mp.4dex.io/ 1 KB
1 KB 364ms
353ms Fetch
application/json 104.18.11.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bbfd98d872d1ab0ce366f9a0f84eca0e192c73402970f95249b8cc69101db1f

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:59 GMT
x-err: Calling bidders. no bid responses
x-version: 3.0.0-gcp-las
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b2b02220e3f3a02-YYZ
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 451 B
508 B 145ms
140ms Fetch
application/json 69.173.146.10
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=38330&zone_id=1124634&size_id=2&alt_size_ids=55%2C58%2C221&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,90911,1,,,&eid_id5-sync.com=ID5*HpLxv_9EEtif5CzNJKn-N3Ikff2WRa3sXZZ18CePoV66ZVhMK5vTRFoiNoQGhDgV%5E1%5E2&eid_pubcid.org=62519805-023d-4845-96f5-0464bda5afd2%5E1&rf=https%3A%2F%2Ftribuneonlineng.com&kw=97152&tg_i.domain=tribuneonlineng.com&tg_i.page=https%3A%2F%2Ftribuneonlineng.com%2F&tg_i.name=tribuneonlineng.com&tg_i.siteid=97152&tg_i.placement=6&tg_i.divId=sas_26328&tg_i.pbadslot=sas_iframe_fixed_26328&tk_flint=pbjs_lite_v9.6.0&x_source.tid=04732a5c-e507-40b1-b1fa-ada715229874&l_pb_bid_id=61551af4e43b3fe&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=affedc63-f58e-4253-81e5-c2338bd6da84&rp_maxbids=1&p_gpid=%2F97152%2Ftribuneonlineng.com%2Fdesktop%2F26328&m_ch_mobile=%3F0&slots=1&rand=0.15531352832619882
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.146.10 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: eabea07adbedb72ec5fa08a82e032a0bea763a2c6d563c2f479c1751b74adaa7

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 451
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
s.seedtag.com/c/hb/ 129 B
651 B 593ms
583ms Fetch
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/hb/bid
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: e780c52b8416b6950c01d110145c0635e92647a9992e05e88368825af0fc5d2c

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 19:10:59 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
observe-browsing-topics: ?1
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribuneonlineng.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
8 KB 389ms
383ms Fetch
application/json 68.67.160.184
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.184 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

09ffa466abf8bb55d5719f7f6d6d37c09606039baa59a450ee9940c07e586ca5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:59 GMT
content-encoding: gzip
an-x-request-uuid: ed39b74f-2a04-4f93-8ea2-9f589b176d21
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.249.214.139; 178.249.214.139; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
415 B 269ms
260ms Fetch
application/json 51.222.239.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.239.230 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip230.ip-51-222-239.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://tribuneonlineng.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
799 B 124ms
116ms Fetch
application/json 3.208.175.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=9.6.0&referrer=https%3A%2F%2Ftribuneonlineng.com%2F&tmax=3000&gdpr=false

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.208.175.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-208-175-5.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
content-encoding: gzip
accept-ch: sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version
x-auction-status: 29
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tribuneonlineng.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2

200

usync.html
eus.rubiconproject.com/ Frame F25C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west

0
0

147ms
66ms

Document
text/html

23.203.105.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.105.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-105-107.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 19:10:59 GMT
etag: "28052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 13 Aug 2024 19:10:59 GMT
location: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server: AkamaiGHost

GET
H3 200 pba.gif Show response
c.4dex.io/ 43 B
61 B 112ms
111ms Fetch
image/gif 35.241.34.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?org_id=1015&site=97152-tribuneonlineng-com&v=1&pbjsv=9.6.0&pv_id=c99e0aed-4b40-48b8-8536-241fc1866b5e&auct_id=a25c1678-de79-47bd-8f8d-ae369e419ab0&adu_code=26328&url_dmn=tribuneonlineng.com&mts=ban&ban_szs=1000x30%2C1000x90%2C1x1%2C728x250%2C728x90%2C950x90%2C970x90%2C990x90&bdrs=adagio%2Cadtelligent%2Camx%2Cblueroostermedia%2Ccriteo%2Cgingerad%2Cmissena%2Cmoneytizer%2Conetag%2Copenx%2Cpubmatic%2Crichaudience%2Crubicon%2Cseedtag%2Csmilewanted%2Ctriplelift&plcmt=6&s_id=0be28f5b-7530-481e-ac29-0dad94ab7bf4&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&adg_mts=ban
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 19:10:59 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H3 200 pba.gif Show response
c.4dex.io/ 43 B
61 B 198ms
197ms Fetch
image/gif 35.241.34.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.4dex.io/pba.gif?org_id=1015&site=97152-tribuneonlineng-com&v=2&pbjsv=9.6.0&pv_id=c99e0aed-4b40-48b8-8536-241fc1866b5e&auct_id=a25c1678-de79-47bd-8f8d-ae369e419ab0&adu_code=26328&url_dmn=tribuneonlineng.com&mts=ban&ban_szs=1000x30%2C1000x90%2C1x1%2C728x250%2C728x90%2C950x90%2C970x90%2C990x90&bdrs=adagio%2Cadtelligent%2Camx%2Cblueroostermedia%2Ccriteo%2Cgingerad%2Cmissena%2Cmoneytizer%2Conetag%2Copenx%2Cpubmatic%2Crichaudience%2Crubicon%2Cseedtag%2Csmilewanted%2Ctriplelift&plcmt=6&s_id=0be28f5b-7530-481e-ac29-0dad94ab7bf4&s_new=true&bdrs_src=client%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient%2Cclient&adg_mts=ban&bdrs_bid=0%2C1%2C0%2C1%2C0%2C1%2C0%2C1%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&bdrs_cpm=%2C0.015300000000000001%2C%2C0.0061747%2C%2C%2C%2C0%2C%2C%2C%2C%2C%2C%2C%2C&dom_i=5704
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 106.34.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 19:10:59 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: -1

GET
H2

200

sync
eb2.3lift.com/ Frame 6D0D
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

0
0

48ms
47ms

Document
text/html

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1072
content-type: text/html; charset=utf-8
date: Tue, 13 Aug 2024 19:11:00 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 13 Aug 2024 19:10:59 GMT
location: /sync?&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 0E75 0
0 109ms
19ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 83587
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Aug 2024 19:10:59 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 17 May 2024 08:31:56 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 317, 140735
X-Served-By: cache-lga13626-LGA, cache-yyz4577-YYZ
X-Timer: S1723576260.969484,VS0,VE0

GET
H2 200 pd
u.openx.net/w/1.0/ Frame 39A1 0
0 55ms
51ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 539
content-type: text/html
date: Tue, 13 Aug 2024 19:10:59 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 isyn
prebid.a-mo.net/ Frame E0CD 0
0 118ms
36ms Document
text/html 147.28.129.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.28.129.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-length: 672
content-type: text/html; charset=utf-8
date: Tue, 13 Aug 2024 19:10:59 GMT
server: envoy
vary: accept-encoding
x-envoy-upstream-service-time: 1

GET
H/1.1 200
OK iframe
sync.missena.io/ Frame 35CB 0
0 216ms
78ms Document
text/html 3.92.156.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.missena.io/iframe?gdpr=0&gdpr_consent=undefined
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.156.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-156-225.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Aug 2024 19:11:00 GMT
Expires: Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified: Tue, 13 Aug 2024 19:11:00 GMT
Pragma: no-cache
Transfer-Encoding: chunked
Vary: Accept-Encoding Origin

GET
H2 200 syncframe
gum.criteo.com/ Frame C242 0
0 49ms
38ms Document
text/html 74.119.117.17
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=tribuneonlineng.com&gpp=

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.117.17 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 19:10:59 GMT
server: Kestrel
server-processing-duration-in-ticks: 2628769
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 /
csync.smilewanted.com/ Frame 6129 0
0 221ms
146ms Document
text/html 104.22.30.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.30.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8b2b0228eb5eab87-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 19:11:00 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 usync.html
eus.rubiconproject.com/ Frame 1BDF 0
0 80ms
79ms Document
text/html 23.203.105.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.105.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-105-107.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 19:10:59 GMT
etag: "28052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET /
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 8E76 0
0

GET
H2 200 /
onetag-sys.com/usync/ Frame 3237 0
0 40ms
39ms Document
text/html 51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1723576254105&gdpr=0

Requested by

Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A577 0
0 142ms
37ms Document
text/html 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161784&gdpr=0&gdpr_consent=
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=68964
content-encoding: gzip
content-length: 5516
content-type: text/html
date: Tue, 13 Aug 2024 19:11:00 GMT
expires: Wed, 14 Aug 2024 14:20:24 GMT
last-modified: Mon, 05 Aug 2024 09:22:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame C193 0
0 56ms
56ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: tmzr.themoneytizer.fr
URL: https://tmzr.themoneytizer.fr/v9.6.0u2.0.12/ef83b37280ac2a1d571892754255090a/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://tribuneonlineng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 83587
Cache-Control: max-age=86402
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Aug 2024 19:10:59 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 17 May 2024 08:31:56 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 317, 140735
X-Served-By: cache-lga13626-LGA, cache-yyz4577-YYZ
X-Timer: S1723576260.969484,VS0,VE0

GET
H/1.1

200
OK

prebid
b1h.zemanta.com/usersync/
Redirect Chain

https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=
https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&s=2

26 B
388 B

34ms
34ms

Image
image/gif

70.42.32.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b1h.zemanta.com/usersync/prebid?gdpr=0&gdpr_consent=&s=2

Requested by

Host: tribuneonlineng.com
URL: https://tribuneonlineng.com/

Protocol

HTTP/1.1

Server

70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tribuneonlineng.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 13 Aug 2024 19:11:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 26
p3p: CP="We do not support P3P header."

Redirect headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html; charset=utf-8
location: /usersync/prebid?gdpr=0&gdpr_consent=&s=2
p3p: CP="We do not support P3P header."
cache-control: no-cache, no-store, must-revalidate
content-length: 72
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET /
ssc-cms.33across.com/ps/ Frame 21BA 0
0

GET

3766647541711484429
sync.1rx.io/usersync/turn/
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=adagio&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26it%3Dadg-pb-clt%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=adagio&zcc=1&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dunruly%26it%3Dadg-pb-clt%26uid%3D%5BRX_UUID%5D&cb=1723576261603
https://ad.turn.com/r/cs?pid=45&id=RX-6bdbbc12-65c3-46bc-8e44-bba3239536b8-005&rndcb=3449352682
https://sync.1rx.io/usersync/turn/3766647541711484429?dspret=1&gdpr=&gdpr_consent=&us_privacy=

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.instagram.com
URL: https://www.instagram.com/embed.js

Domain: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js

Domain: gum.criteo.com
URL: https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Domain: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v2.0.js

Domain: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftribuneonlineng.com%2F&domain=tribuneonlineng.com&cw=1&lsw=1&gdpr=0

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Domain: gum.criteo.com
URL: https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftribuneonlineng.com%2F&domain=tribuneonlineng.com&cw=1&lsw=1&gdpr=0

Domain: id.crwdcntrl.net
URL: https://id.crwdcntrl.net/id?gdpr_applies=false&c=17553

Domain: cookie-matching.mediarithmics.com
URL: https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033

Domain: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js

Domain: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23

Domain: cdn.vidverto.io
URL: https://cdn.vidverto.io/secured2/mkh5Fdrfn2VOBZQRmSlJAg:1723579847/1078/video/2685/480_650.mp4

Domain: s.seedtag.com
URL: https://s.seedtag.com/c/hb/bid

Domain: ghb.adtelligent.com
URL: https://ghb.adtelligent.com/v2/auction/

Domain: b1h.zemanta.com
URL: https://b1h.zemanta.com/api/bidder/prebid/bid/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: rtb.openx.net
URL: https://rtb.openx.net/openrtbb/prebidjs

Domain: mp.4dex.io
URL: https://mp.4dex.io/prebid

Domain: tlx.3lift.com
URL: https://tlx.3lift.com/header/auction?lib=prebid&v=9.6.0&referrer=https%3A%2F%2Ftribuneonlineng.com%2F&tmax=3000&gdpr=false

Domain: grid-bidder.criteo.com
URL: https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.6.0&cb=27846695233&lsavail=1&bundle=NuvycF9ha3hNTCUyQlc3RUdOME5lNzNBQWVEV1d4R3Z6MyUyQjZuTnVSd3l2Yno1ODRMWElDQkFnaURXV25vTXdwWXoxYVgydVZrR0dDTHB1VzVkWkNtajFqMFFiJTJCOHlFZVpUWjklMkJPblAxRENGTjFkaXF1QU9pdGl5NXJzU1pKWHdscGgyR2FoTTVZaUpsJTJCb1VkNU5WVk5nVSUyRjBaa0h4WU5KU0hVNU55ckhhQU45RFBVOHclM0Q

Domain: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3260559442

Domain: ssc-cms.33across.com
URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26it%3Dadg-pb-clt%26uid%3D33XUSERID33X

Domain: sync.1rx.io
URL: https://sync.1rx.io/usersync/turn/3766647541711484429?dspret=1&gdpr=&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

493 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

101 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.criteo.com/openrtb_2_5/pbjs/auction	1970-01-21 08:07:52	Name: cto_bundle Value: 4rzsOF9YQVNERUZFMVNWeFdrNyUyQmpLVUlibk14UjMlMkZKaTUxOTd4Y1JsOEdQMVkzcGwyVnM3R25XU1RCT2IwRkpSMGNtaUVyTm01Y3J1OU9tSzQ0TndlT0ZyOVJtQTVObkZPZmxkTzE4czhuTE1XWjhlZjhzb1VqVjk3YlQzbHo2NmhXTVU0emI2RiUyRlI2V3BNNjFDWVByTjljaVBxcGkxMTBCQUtjSWdIaHBDaUNzRzAlM0Q
.3lift.com/sync	1970-01-21 00:55:52	Name: sync Value: CgoIoQEQwaua6ZQyCgoI4gEQwaua6ZQyCgoI5gEQwaua6ZQyCgoIhwIQwaua6ZQyCgkIOhDBq5rplDIKCQgbEMGrmumUMgoKCIwCEMGrmumUMgoKCKwCEMGrmumUMgoKCK0CEMGrmumUMgoJCF8Qwaua6ZQy
.tribuneonlineng.com/	1970-01-20 22:46:18	Name: __cf_bm Value: t1jaopH6O7wDnq.DWi9xMtlr1ZQquzmRPEKy4WcES9I-1723576230-1.0.1.1-f.B0p_75YEdDrqs0qn_bggUXu52TxBFBd1wmcYk8ZAA4C89u4gRUfQbOjJKjxSzVCbsrjCpdYNWrh0qwmGfsCA
.onesignal.com/	1970-01-20 22:46:18	Name: __cf_bm Value: CK6nxo9pZCANHvMUcMjvjJ_K3KfptN5wPBewEGxN8JM-1723576231-1.0.1.1-FLLAmex3n0WFYG4FU_1sOqoccpk2AS4acBxcoDPbYDyOhjV6GHIjx3AsxDIFUhB2oeync8_fzXxBySytdB8YGQ
adtrack.adleadevent.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 9FC54D150466C174912E5199B1F8E822A79961F459747D218DA8067809F8238A086EE8BF67D63A2A90D1DB19587375008B81DF393E974B37DE71BA6F26DE79F63E8F5DED51
.podbean.com/	1970-01-21 07:31:52	Name: cf_clearance Value: 9IZ9bXzviaDzgL8Omrmcjjzmw7xaPgPgc2Hmf4Kg4YI-1723576232-1.0.1.1-afYJ3r1l2JqT0DCTqp52FcudSnSVt8QMx_IRWIgU91lI1nsme1VW1e83yFmyyfVNzhRiF2nyDMNyUz4av2x5fw
.tribuneonlineng.com/	1970-01-21 08:22:16	Name: _ga_6MC096FRP9 Value: GS1.1.1723576234.1.0.1723576234.0.0.0
.tribuneonlineng.com/	1970-01-21 08:15:04	Name: _awl Value: 2.1723576234.5-fae4db7495cbbc1969c25c4d643c08d3-6763652d75732d63656e7472616c31-0
.tribuneonlineng.com/	1970-01-21 08:22:16	Name: _ga_XGSPWE8QJG Value: GS1.1.1723576235.1.0.1723576235.0.0.0
.tribuneonlineng.com/	1970-01-21 08:22:16	Name: _ga Value: GA1.2.1504960400.1723576235
.tribuneonlineng.com/	1970-01-20 22:47:42	Name: _gid Value: GA1.2.454158949.1723576236
.tribuneonlineng.com/	1970-01-20 22:46:16	Name: _gat_gtag_UA_226683900_11 Value: 1
.tribuneonlineng.com/	1970-01-21 08:07:52	Name: usprivacy Value: 1N--
.tribuneonlineng.com/	1970-01-21 00:55:52	Name: sharedid Value: 62519805-023d-4845-96f5-0464bda5afd2
.tribuneonlineng.com/	1970-01-21 00:55:52	Name: sharedid_cst Value: kSylLAssaw%3D%3D
.adsrvr.org/	1970-01-21 07:31:52	Name: TDID Value: e4210c60-f630-43f1-8369-19aebd26c953
.doubleclick.net/	1970-01-21 08:22:16	Name: IDE Value: AHWqTUkFT_11DShBpStMtqZu1ivP_pUyuZV24DlebjcC84V32qTW6lcQgRI3dePlSIs
.doubleclick.net/	1970-01-20 22:46:17	Name: test_cookie Value: CheckForPermission
.tapad.com/	1970-01-21 00:12:40	Name: TapAd_TS Value: 1723576237452
.tapad.com/	1970-01-21 00:12:40	Name: TapAd_DID Value: f823ad8f-b904-4d9c-a7f9-3e9a76a7aa0f
.criteo.com/	1970-01-21 08:07:52	Name: receive-cookie-deprecation Value: 1
.tapad.com/	1970-01-21 00:12:40	Name: TapAd_3WAY_SYNCS Value:
.tribuneonlineng.com/	1970-01-21 08:07:52	Name: __gads Value: ID=b33238fd0c8a23df:T=1723576236:RT=1723576236:S=ALNI_MYXRl1j_iinP8hGgw8uJEdMnnv0MA
.tribuneonlineng.com/	1970-01-21 08:07:52	Name: __gpi Value: UID=00000eca77ecf5b4:T=1723576236:RT=1723576236:S=ALNI_MbLytke_G4hDOT3dcBRKqQoDnEd_Q
.tribuneonlineng.com/	1970-01-21 03:05:28	Name: __eoi Value: ID=4f971c465de5b44f:T=1723576236:RT=1723576236:S=AA-AfjbygsOItjLDyYzbCXh-EOEd
.tribuneonlineng.com/	1970-01-21 08:22:16	Name: _ga_8SFJTPHHCP Value: GS1.1.1723576234.1.0.1723576237.57.0.0
measurement-api.criteo.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.id5-sync.com/	1970-01-21 00:55:52	Name: id5 Value: 4206e5ad-e6b7-7416-80ea-16a0f1f58fb6#1723576236870#3
.adnxs.com/	1970-01-21 08:22:16	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:55:52	Name: XANDR_PANID Value: Nk57wCc0_YFzYaq3_HKYw4p21n6qA42Tv6iwEk83-jzK3cHBmQYsrdSTryaXGUMg9gs-plQQGWcuNcA4yIwVcJTnfuGzrRVhX711LXi2PnE.
.adnxs.com/	1970-01-21 00:55:52	Name: uuid2 Value: 123673216718909832
.semasio.net/	1970-01-21 07:31:52	Name: SEUNCY Value: 9AF328FFE81DBCD8
.bidswitch.net/	1970-01-21 07:31:52	Name: tuuid Value: d8361303-31de-442c-b1be-bdae2ea5e13b
.bidswitch.net/	1970-01-21 07:31:52	Name: c Value: 1723576240
.bidswitch.net/	1970-01-21 07:31:52	Name: tuuid_lu Value: 1723576240
.crwdcntrl.net/	1970-01-21 05:15:03	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 05:15:03	Name: _cc_id Value: 67ad370226cb58eefe387de7635c29ca
www.ebayadservices.com/	1970-01-21 00:55:52	Name: adguid Value: 35194a30926d48a2b2e1d60d67eeb2ca
.id5-sync.com/	1970-01-21 00:55:52	Name: 3pi Value: 112#1723576240280#-1543682730#9AF328FFE81DBCD8\|2#1723576239710#-1957295716#123673216718909832\|19#1723576241481#2038562051#67ad370226cb58eefe387de7635c29ca\|264#1723576237885#-1155925120#e4210c60-f630-43f1-8369-19aebd26c953\|104#1723576240851#469630276#d8361303-31de-442c-b1be-bdae2ea5e13b\|108#1723576237676#-697069505
.tribuneonlineng.com/	1970-01-21 05:15:04	Name: _cc_id Value: 67ad370226cb58eefe387de7635c29ca
.tribuneonlineng.com/	1970-01-20 22:47:42	Name: panoramaId_expiry Value: 1723662642393
.tribuneonlineng.com/	1970-01-20 22:47:42	Name: panoramaId Value: ecb5295cba743961ade15318b019a9fb927a30d80cc5c6eaf0c8b594f4282748
.tribuneonlineng.com/	1970-01-20 22:47:42	Name: panoramaIdType Value: panoDevice
.33across.com/	1970-01-21 07:31:52	Name: check Value: true
.quantserve.com/	1970-01-21 08:16:30	Name: mc Value: 66bbafb3-e24c2-9437f-55734
.tribuneonlineng.com/	1970-01-21 08:10:45	Name: __qca Value: P0-1092062259-1723576232127
.criteo.com/	1970-01-21 08:07:52	Name: uid Value: 0cfffcef-fed3-465d-9fe2-d0a3e9f0ed2c
.tribuneonlineng.com/	1970-01-21 08:07:52	Name: cto_bundle Value: NuvycF9ha3hNTCUyQlc3RUdOME5lNzNBQWVEV1d4R3Z6MyUyQjZuTnVSd3l2Yno1ODRMWElDQkFnaURXV25vTXdwWXoxYVgydVZrR0dDTHB1VzVkWkNtajFqMFFiJTJCOHlFZVpUWjklMkJPblAxRENGTjFkaXF1QU9pdGl5NXJzU1pKWHdscGgyR2FoTTVZaUpsJTJCb1VkNU5WVk5nVSUyRjBaa0h4WU5KU0hVNU55ckhhQU45RFBVOHclM0Q
.rubiconproject.com/	1970-01-21 07:31:52	Name: khaos Value: LZSSSM0W-6-KTMM
.rubiconproject.com/	1970-01-21 07:31:52	Name: khaos_p Value: LZSSSM0W-6-KTMM
.cpx.to/	1970-01-21 07:31:52	Name: dsp_app_nexus Value: 123673216718909832#1723576245695
.cpx.to/	1970-01-21 07:31:52	Name: dsp_TTD Value: e4210c60-f630-43f1-8369-19aebd26c953#1723576245695
.openx.net/	1970-01-21 07:31:52	Name: i Value: 9eeaa619-79b4-48bc-9f97-a6b60c274465\|1723576245
.cpx.to/	1970-01-21 07:31:52	Name: dsp_dbm Value: CAESEKnmSmhoeeDoKUrvqKK5yOQ#1723576246355
.pubmatic.com/	1970-01-21 07:31:52	Name: KADUSERCOOKIE Value: F47D6B2C-F4EF-45EF-9038-3E27D3A4AE85
.cpx.to/	1970-01-21 07:31:52	Name: dsp_pubmatic Value: F47D6B2C-F4EF-45EF-9038-3E27D3A4AE85#1723576246953
.amazon-adsystem.com/	1970-01-21 04:18:54	Name: ad-id Value: Ax7OrhlXR0q4lkFo6JbUmuU
.amazon-adsystem.com/	1970-01-21 08:22:16	Name: ad-privacy Value: 0
ad.vidverto.io/	1970-01-20 22:47:42	Name: _mwayss_zone_imp[7238][count] Value: 0
ad.vidverto.io/	1970-01-20 22:47:42	Name: _mwayss_zone_imp[7238][frequencyPeriodEnd] Value: 1723662647
ad.vidverto.io/	1970-01-20 22:47:42	Name: _mwayss_imp[23239][count] Value: 0
ad.vidverto.io/	1970-01-20 22:47:42	Name: _mwayss_imp[23239][frequencyPeriodEnd] Value: 1723662647
ad.vidverto.io/	1970-01-20 22:47:42	Name: _mwayss_camp_imp[10384][count] Value: 0
ad.vidverto.io/	1970-01-20 22:47:42	Name: _mwayss_camp_imp[10384][frequencyPeriodEnd] Value: 1723662647
ad.vidver.to/	1970-01-21 07:30:25	Name: bidswitch_com Value: d8361303-31de-442c-b1be-bdae2ea5e13b
.yahoo.com/	1970-01-21 07:32:13	Name: A3 Value: d=AQABBL2vu2YCEIvi0sjhABoD4HX4GYboabUFEgEBAQEBvWbFZgAAAAAA_eMAAA&S=AQAAAoA--LA88N01t_sPBio5oNE
.prebid.a-mo.net/	1970-01-21 07:31:52	Name: __amc Value: 1_1723576258_1723576258
.a-mo.net/	1970-01-21 07:31:52	Name: amuid2 Value: 5cf56c51-28e1-49ca-9ea7-e081c5976308
.a-mo.net/	1970-01-21 07:31:52	Name: pamuid2 Value: 5cf56c51-28e1-49ca-9ea7-e081c5976308
.prebid.a-mo.net/	1970-01-21 07:31:52	Name: psd_amuid2 Value: 5cf56c51-28e1-49ca-9ea7-e081c5976308
.prebid.a-mo.net/	1970-01-21 07:31:52	Name: sd_amuid2 Value: 5cf56c51-28e1-49ca-9ea7-e081c5976308
.3lift.com/	1970-01-21 00:55:52	Name: receive-cookie-deprecation Value: 1
.openx.net/	1970-01-21 07:31:52	Name: receive-cookie-deprecation Value: 1
.4dex.io/	1970-01-21 00:12:40	Name: uids Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjQtMDgtMTNUMTk6MTA6NTkuMTM5MTA3ODkyWiIsInB1Ym1hdGljIjoiMjAyNC0wOC0xM1QxOToxMDo1OS4xMzkxMTA5MDFaIiwicnViaWNvbiI6IjIwMjQtMDgtMTNUMTk6MTA6NTkuMTM5MTAzOTIxWiIsInVucnVseSI6IjIwMjQtMDgtMTNUMTk6MTA6NTkuMTM5MTA4MzgxWiJ9LCJ1aWRzIjp7ImFkYWdpbyI6eyJ1aWQiOiJjM2ZhMWMzZi00NGUyLTRhYzktYjg1NC0yOWMwZjFjNDVkMWIiLCJleHBpcmVzIjoiMjAyNC0xMC0xMlQxOToxMDo1OC45NDcwNzUyODRaIn19LCJiZGF5IjoiMjAyNC0wOC0xM1QxOToxMDo1OC45NDcwMjY4NTRaIn0=
.adnxs.com/	1970-01-21 00:55:52	Name: icu Value: ChkI1JuJARAKGAIgAigCMMPf7rUGOAJAAkgCEMPf7rUGGAE.
.seedtag.com/	1970-01-21 07:31:52	Name: st_uid Value: 6728dc38-a3ab-483e-aed2-27d30e0b68e3
.seedtag.com/	1970-01-20 23:29:28	Name: st_ssp Value: Y291bnRyeV9uYW1lPUNhbmFkYSZjb3VudHJ5X2lzbzI9Q0EmY291bnRyeV9pc28zPUNBTiZyZWdpb25fbmFtZT1PbnRhcmlvJnJlZ2lvbl9pc28yPU9OJmNpdHlfbmFtZT1Ub3JvbnRvJmxvbmdpdHVkZT0tNzkuMzYyMyZsYXRpdHVkZT00My42NTQ3JnppcD1NNUE=
.openx.net/	1970-01-20 23:07:52	Name: pd Value: v2\|1723576246.13\|vPvMgakWgy.iKbwuYhEgKg2
.zemanta.com/	1970-01-21 07:31:52	Name: zuid Value: wvepOpXX8f7FsoQHJ4gm
.3lift.com/	1970-01-21 00:55:52	Name: tluidp Value: 2849400587787868392317
.3lift.com/	1970-01-21 00:55:52	Name: tluid Value: 2849400587787868392317
tribuneonlineng.com/	1970-01-21 08:07:52	Name: cto_bundle Value: cnkifl9ha3hNTCUyQlc3RUdOME5lNzNBQWVEV2NTQ0U1cHNadVIzaEpqUkJ5c0dXN21sT21mZ0JBRnN1Mks3ZnVyMXZFeWVqdXM0Und2VkFTSHk0ckZmbTV6Rm9YcnNBRWNjZllpWXR0JTJCd1EwTnVHellhc2tCem9pWFdJQXJnJTJGazlZa09oM0ZhVWVLRlhzMzRWZUolMkJZbVM3YUFnTzVsMHpCalRvQ1NlMDFrSDlCTDNzUSUzRA
.rubiconproject.com/	1970-01-21 00:55:52	Name: receive-cookie-deprecation Value: 1
.ads.pubmatic.com/	1970-01-20 22:47:42	Name: KCCH Value: YES
.bidr.io/	1970-01-21 08:14:49	Name: bito Value: AAEMRk7Nd2AAABPkN3ORKA
.bidr.io/	1970-01-21 08:14:49	Name: bitoIsSecure Value: ok
.rlcdn.com/	1970-01-21 07:31:52	Name: rlas3 Value: t5KFVVTvopK2BK5Rg0oa8e4+jsyEJU28gniwVQIhlKY=
.adsrvr.org/	1970-01-21 07:31:52	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCOq9oLO29Z09EAUSFgoHc3Z4OXQ1MBILCOTkkbS29Z09EAUYASABKAIyCwiw25ThzPWdPRAFOAFaB3N2eDl0NTBgAg..
.linkedin.com/	1970-01-21 00:55:52	Name: li_sugr Value: 8c4feaa6-067e-4719-ba48-f6db800a5e31
.missena.io/	1970-01-21 08:22:16	Name: msna Value: cqtqvh6b58gc73bc2prg
.rlcdn.com/	1970-01-21 00:12:40	Name: pxrc Value: CMTf7rUGEgUI6AcQABIFCOhHEAA=
.linkedin.com/	1970-01-21 07:31:52	Name: bcookie Value: "v=2&f2077baf-182e-4acb-8be4-9892a8f227bb"
.linkedin.com/	1970-01-20 22:47:42	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2956:u=1:x=1:i=1723576260:t=1723662660:v=2:sig=AQFgZrELR-y6FBsrNUjOBBMv7byC-AO5"
.360yield.com/	1970-01-21 00:55:52	Name: tuuid Value: a11b1c42-37d3-4d47-b0fe-184c7aadbc39
.360yield.com/	1970-01-21 00:55:52	Name: tuuid_lu Value: 1723576260
.a-mx.com/	1970-01-21 07:31:52	Name: amdt_t Value: p::1723576260277
.a-mx.com/	1970-01-21 07:31:52	Name: amuid2 Value: 5cf56c51-28e1-49ca-9ea7-e081c5976308
.rubiconproject.com/	1970-01-21 07:31:52	Name: audit_p Value: 1\|PtYsq8rop7uuHnYnD8EMZDw6E0kELM8T+TJsSZxO+l5HjDB8Hc9L5nmvlV2w9IR7A/C506Ee1sHyUhTWCqUS/Easv6MpIV38rNMcRMwX7vZPFMrdked536ZsIlP80lOrknORSVj+yM2uZ4B/eVrxFmRScpQ5LQTl
.rubiconproject.com/	1970-01-21 07:31:52	Name: audit Value: 1\|PtYsq8rop7uuHnYnD8EMZDw6E0kELM8T+TJsSZxO+l5HjDB8Hc9L5nmvlV2w9IR7A/C506Ee1sHyUhTWCqUS/Easv6MpIV38rNMcRMwX7vZPFMrdked536ZsIlP80lOrknORSVj+yM2uZ4B/eVrxFmRScpQ5LQTl
.primis.tech/	1970-01-20 23:22:16	Name: csuuid Value: 66bbafc454af5
.turn.com/	1970-01-21 03:05:28	Name: uid Value: 3766647541711484429

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://tribuneonlineng.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9OCZpbml0aWF0aW5nUGFydG5lcj0xMiZmb3JtYXQ9Z2lmJg&domid=1033 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://bid.missena.io/?t=PA-62589382 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1a08b1c9f79476043ccc2fc824018eb4.safeframe.googlesyndication.com
1x1.a-mo.net
a4p.adpartner.pro
acdn.adnxs.com
ad.vidver.to
ad.vidverto.io
ads.pubmatic.com
ads.themoneytizer.com
adtrack.adleadevent.com
analytics.google.com
b1h.zemanta.com
bcp.crwdcntrl.net
bid.missena.io
c.4dex.io
c.amazon-adsystem.com
c0.wp.com
cadmus.script.ac
cdn-ima.33across.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.themoneytizer.fr
cdn.vidverto.io
ced.sascdn.com
cm.g.doubleclick.net
cmp.inmobi.com
cmp.quantcast.com
cookie-matching.mediarithmics.com
csync.smilewanted.com
dis.criteo.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
ghb1.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
grid-bidder.criteo.com
gum.criteo.com
hb.brainlyads.com
i0.wp.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
jankoors.com
kvt.sddan.com
lb.eu-1-id5-sync.com
lexicon.33across.com
lib.wtg-ads.com
match.adsrvr.org
metrics.biddertmz.com
mp.4dex.io
oa.openxcdn.net
oajs.openx.net
onesignal.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.wp.com
pixel.zprk.io
powerad.ai
prebid.a-mo.net
prebid.pubmatic.com
prebid.smilewanted.com
reporting.powerad.ai
rtb.openx.net
rules.quantcount.com
s.cpx.to
s.seedtag.com
s0.2mdn.net
scaredslip.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
shb.richaudience.com
ssc-cms.33across.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync.1rx.io
sync.missena.io
sync.richaudience.com
tags.crwdcntrl.net
tlx.3lift.com
tmzr.themoneytizer.fr
tpc.googlesyndication.com
tribuneonlineng.com
u.openx.net
www.google-analytics.com
www.google.ca
www.googletagmanager.com
www.instagram.com
www.podbean.com
x.bidswitch.net
a4p.adpartner.pro
b1h.zemanta.com
c.amazon-adsystem.com
cdn-ima.33across.com
cdn.vidverto.io
ced.sascdn.com
cookie-matching.mediarithmics.com
ghb.adtelligent.com
grid-bidder.criteo.com
gum.criteo.com
hb.brainlyads.com
id.crwdcntrl.net
mp.4dex.io
prebid.a-mo.net
prebid.smilewanted.com
rtb.openx.net
s.seedtag.com
ssc-cms.33across.com
sync.1rx.io
sync.richaudience.com
tlx.3lift.com
www.instagram.com
104.17.111.223
104.18.11.176
104.18.23.145
104.18.25.111
104.21.40.15
104.22.0.202
104.22.30.209
104.22.31.209
104.22.63.227
108.138.128.28
13.226.34.90
142.250.176.202
142.250.31.155
142.250.65.162
142.250.65.194
142.250.65.225
142.250.72.99
142.250.80.66
142.250.81.226
142.251.40.106
142.251.40.161
142.251.40.195
142.251.40.198
142.251.40.206
142.251.40.232
147.28.129.140
15.197.193.217
151.101.1.229
151.101.65.108
162.159.137.54
162.19.138.116
162.19.138.83
172.67.174.127
172.67.70.115
172.67.75.241
175.110.113.200
175.110.113.216
18.173.132.63
18.173.219.66
185.132.133.134
192.0.76.3
192.0.77.2
192.0.77.37
192.184.68.254
207.65.32.76
207.65.37.184
208.115.237.110
23.201.191.176
23.203.105.107
23.227.151.194
23.51.57.13
3.208.175.5
3.215.199.215
3.220.246.207
3.230.247.109
3.231.69.201
3.92.156.225
34.102.146.192
34.120.107.143
34.149.50.64
34.248.22.168
34.96.70.87
35.211.178.172
35.227.252.103
35.241.34.106
35.244.159.8
35.244.193.51
51.158.29.13
51.222.239.230
51.222.39.184
52.223.22.214
52.85.61.20
54.155.6.103
54.158.194.159
54.173.65.180
54.234.151.247
68.67.160.184
69.173.146.10
69.173.151.100
70.42.32.127
74.119.117.16
74.119.117.17
74.119.117.4
74.119.117.9
99.80.30.141
0126785e575a612406ef199670e1d8ecdac322ffe72534b5c364e31cf9967e3b
02caeda898063a8981b1a6c8afe31a8d12b51e88842338b3c3506771e29af8d9
040836fe8ebb8eb6782f1addbbc640c37a28fceed0193a42ff25d16ea1a4859b
0514580c53e8c81ce58ff2a3f86d65f5c8b671896f9c4f0489973670c1912f94
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
057c6db7176a4b988472143ad3797e478d31de02150c22e8b892d9887102a0c1
06e2bb08faeeea0cc98981210e9dfb040a8c17c2f046e1af76ab8a788bfa3d93
083541eaa3dd91120153eb9a22e219ad17b91ce22d70427a719f758e308b14a7
09ffa466abf8bb55d5719f7f6d6d37c09606039baa59a450ee9940c07e586ca5
0dfe89b778beefffb4b89ddb9fcf686591ac6a27149ce9f14c8c63bfff562830
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
1285fa0d3efa9b784623a0ee0575627ae18e2dba5545321767925eb3445b3d15
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59
1a646aade9fc30cf08717263cf5d877755797128d84984bba97ee25179618ffc
1b01b5965ea8d499eed20e985daac93b6ca5d45a9028b93d09e5859f4bad02e5
1b095330c0560e721eb90024150bd15e5ef5aef2aa03aa2a5ad08743e66ba86d
1b15b4c5b04a6eb4f7809b76aa670c86dbcb633b91ead770fd64816d458fa481
1ca09a3bde2b888d5d9bcf4d3dec7339b44d7c8dbd2307c44de8703cb463931e
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1cecf6aff3799676afbba5d917af1ed2ba13d4cb15431ba6ac1a32a27cb7aa58
1d29dee2420b25daab44f50c57606fdd3b5fa63a7e6bb177acc4aa8aed0d19e6
1d8da457735f728ae0fe4885112e46eaea75060e912e1c0fac533b3310b532be
1df20f7a0153a12d8d906bdc5eb34242ee14ffedc4287d792d26b7707d036041
1fd300ae6d161b2d6cba9fdd4f41081e4b60de9fa6f827c02100ca8731658ca7
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
22c3050a6e8a667b2fbc0a74647a3bac6bbeee4f7b3e70499209b915ac736083
23cb4af936c70370b4787b22d7bb8f88413f411e9f036c40c8d7f435d7d041c1
25c151bdbb4b3037e448d67776ebb223f1f930f4629ff39f495320814bf86bcd
25c3c76cdbf159ad4d4fe6c1d2164835c1232890e7adf641b1a253905e53d6df
276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf
28d894b4664f51376d31de576644dad93b7c928551e66efc58bdba0ad51f3a9d
2948481022d708e82719cfcd81524c45a552e648e7b0c556926d117dd15fdd60
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
306106e1e85225b706439420771632332be67ebca40b24407a331d9c8c72aec7
3096be63696da890106d11e2b2b51a503bfcb5be4e3fd8469b44ac484521fde0
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31f79c05535d34d0218fac7e11eb644ee1b7c97ccf6c92551b6a450ea4180513
33871ff7da632afdb1e0f6b2de1bdba9a8e88c51ae367cafa9c46f97ce14d437
395068524eba83d23e0dc43f31739f9a8f3965bf7851a87f890329cb107084d7
3ae5ca5f83697df545671effeaf1567404e779d58c06979af9e9099e115e9974
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bdb1b8d0d776539a312953f0f86ffa80776c0aeabe1162ad537110280e6dc9b
3dd4f53067dd0f0bd875bcf7acebfb72e908b5329da8f19ab48fbbe4aa10daa5
3f368bad709ba2631e19261f4aceed4b15c9ec0c0bf17fe6346db2bbb2249e4e
3f58252a635fcb2b8160e9303570bf732faa3ab57aed8a3926845137b395c6ad
4021ac3b8dc8bfabb47c753df4e2d8850b084512a751375711da648e65ee2a5c
41d0cb0f29f83878366aa5623d787330c17275adefc106923873ea8118ddc183
41dcf3f867a8e8da8d292d6b23b83f96e7b6009b282b42770d3ee00ea7482e13
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
44398587b3d4b1a7ec6f1d30c13c37d8a3f3f7825a2dc36c97d0f499653a788b
448c2c8f586e597e18732391de3038defacd4fc0e67f1ff0378d0a62e2949f7a
44fda2ae98e3f1e0e24e75a854b38b700cf1d76f3a1412790db2d22160801fc3
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b782cac9a76a4137f6a94ed25c97d1df386ad8866192f86c2bc1136c10627d5
4d20e34d7517ba277214444e8f314c7b75141eb1979493453252daa941808ab7
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4eaa9a43c63295f2060dc352c8bd1c608ab952260b2446d18c306cc240d03b86
50e55a95e9db7e15e936fb087be3b7f51c680f4902d4a19c2a15467d29678cae
5192e73424cf74f5877f3beeb350367e2ae27107974f7d2ed81f6d397b8d028c
5270e54f1a92254ebced9bbba6d94104c5691994bb9cb2b696326d714e3d42e7
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99
5a9e5b243e4375900a73f1682e6a0df5ea834b9038b9dc3b4145b6395c20e995
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5bf97de8ad6bc93b3c21dc853b405253b32668272e36f8624d209ce143681538
5fe8c68f318aa1e9cb2cfe4be20519c3f7bf75564b9ba3e9822e0d93fe4b7491
60e3083dd987ec50c560bf8219fd9dfb1a6f3b546c405be9218448f7e0bb9368
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
6400dc8b0e288909fa6cc5abdb32a8c2f1a8f8efeb93369ab9bf9378f5f50bd7
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6787a8da30534fa00a1a1d27503c041922b243f601f3ede51dc2598c9ceef3a8
68725762f8658ebd5c28f53a5098b47fba547f7ae685ac1d1d0bfb19e029a25b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7245e25d6b55f5e66b7525738c32f69601bf8c1230bbb79732e5b68bb9c77f15
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
75732fd39e20d53586ec075a3e132e2d7d600906889e286597fdf11da4e481b4
762a6921a033f9c9921fa1d1ef75351b4e82685fd77e6eafd97134a8cd4436c0
766b0a7e95add175ad983311e783879e3fc830e9cb20a574cfb34bfe7cbdd3d2
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
786c0db9eecaf816bb2db91a16904dd903f38a3e607eb8ce40c29d27f9820e3f
786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7a3625ca28eed364415c0e5d8ec730d208ee638cc873942bf58761946cf6c524
7bbfd98d872d1ab0ce366f9a0f84eca0e192c73402970f95249b8cc69101db1f
7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322
8211c257e20d92b79ecf520ebee4d9a61ffd39cef7ed8e7c7e35cacfa733566f
825251521b9d0ce3b3be8ba781dd01984c3dbaa67c2c10d86a378c2d327c3f5f
82fbcdbe0b2bdc9a7619c5a99684e09abeb12a11c7dcc5e6e3ed2227ee4461b0
834f36e331c276d5f1f5ad0f25c293b00512410612cddf6e6e2266bb4df43f3f
83d36dfd09b5f1fdf95c7ac47e7df5586a2448aa4b4f97b40894b783f4846717
860b7564f614589710c7af01ded046938f904f58dfb900e1f98c1942ce81b99e
8724434d64c56953f4f478ccf088561367f6b0530d34d77ed685fc37b8ffb388
8ab781bf27583bdff4e614a22c4cfad9b122df26146560761b886f15a87038e4
8d56d5a0e647d7beb88c3e9c6fe928ee9d5260426fc364b1f9aadf93b37108b5
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
8ef50f34fe91c6ae3b39114d4a652645e3086ddf99b8ac23f186f12831525904
8f7e30c3953aa27bb92fce436ba224d37c293d824d6ad9ed56a9e00f57109fdf
8ff5de1b0b1d4922b0bf1eea21886efa9976d29655dd30c5ea435dc0b583aeee
90a0be64aef035903d14a6656aa0e385dfdc5781c96f144a790f6fa296bd7512
93671f1ace47c42d97111d1d503b3f2f90b5f2dedb129fbc9221e83925a267a9
93fe7f2888a30fd7916f4c2cbfc285793691c5cefd15fae5e9da7e111b760d4d
9462ffde1e6cc0db617644b0919fb03459672da53254f0d869ae6d40c6c178fa
94665953fcae4d8f163f2f95b490cd21b1aec2be6cb2789e791066a0ed880c4a
9510d373531d6725328f8b634dd8c0e5438a1d299968874811d208c44f7fd5fa
953d297714ff8be59e2ee663f52a3ca5ec31e35f9873497b64d7db9784011e6f
95f2ef13495d2acf51e4c0e32b2e5b924ffb671722195958f7a2ab6e4350da8f
96c91b6490555f9ec593e1bce9c0174ef94751056a757bd9e80c71b92cf1643e
980701e6d74df703be32ecbab7ede2ecbd6a8d3b94104d005b0a691287744cea
9a4c0c213c3a33d6e7988cc93a0304a8b2adf4771fa5ba0b517e40aa7b302a0b
9ab6fe2bf97ae3218625c1b808abaad9f40936b9780a22428d8daf42144cdd09
9df6c4c7c9ded0611ccf30c49f5a271fe7ab2405cdecbfbf38413a1430d5f75e
9e40f8c779bed89b4adb4a19e78ea92a7300d3a020c460fda548ad5efce7eaeb
9f50282672379046897b4fdc29ebb341e1bca0e4c2eb89c8436f1ba51f97270e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3ef64bc926bd7be1e61ac47dbe6bb954bf7382cea10dbadd876266b64ca05a2
a42f08f5f6e6625c00c35488c20fb71bb7f871b2da70d43203651509c08abe31
a48a8f9a8d3784d3557cb86f2850af6f46195a06fb446c4f163e2c767c8ab872
a7e48af236c5f6c5f2df4979468402d19a339025df6b8dff5d15ec969cb9dc4a
a8c73e2e12f60499d73553867b08ab84da300b908bf176d673876106587219c4
a9f79a16363180bbc16ecbe1bd04d3d425f6951f9f760c9b7e2a0448c5c5edde
abb3632e200e6ec83ac8776b76fea4c7a360bb299956d631c6d5c2d69eb98931
abbcd73db004e56766842ef27dd73a1f8d8bc75bd3e22ac886837a6ba2788a5e
abc4c24f7cdeabcfa58f96fb120ba7fd52263fe7e3394d24db1ec7ecaee8cc45
ac23176b7f4dd09a1c12457fa8fcdf5e46734c8cb7f0c3925f5f3d51544bc0d3
adfa85b06ac19516517ea7ed4458688597320c95cc1ebcfda73bb35c935bf393
afb71d89e3c34e4cefbf5a6664718b5d8adb820f3907b5929f7f23b240e43874
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f261fd4337804e9395a30a0deb5d60ae01da8781114b867f02e20de47d1dfd
b23b140c0142cea5ec07534929ed6ef65c0bcfbf1a9fec9c0d1b8c14722f95e0
b353ba6d64956947dce123686a4f61f0561672901ee0312868ea63364cf769d8
b4473b64e52f4f46349205e22678640b524886934381c02577b6a46cd85d9cc5
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b6aebdce6f243a2fd13336d91c9e8c03f9d128ac528d5b64929b2eddf475a105
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b932a10c6814724741c5dcfb0fd8bb70ff95946a13a2e2acecbdfc4d10240f92
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bde0d8641ef4427aeb9e899ddc368463fbea6c771ef1b31422e28959de60a572
be7997f03a604942571d3a2c77417c652e06c89937dc9074d90ce86c7c8ab370
bfcaee8a4841c64ac98a707cbec70724c087818e57a7edac2be17f77e98fdbe9
c036c9684430ac39b057e5166f94178309ee7eddea08c858d234c9472bf2c581
c184e68dbbb51cbe35dbe92184492ffa27bbdccdc7c38c6e9a4e0fc5beeb5d62
c3662f85134bcc90f554f3ebcbece0418b7a2ecb6b47c12f926e7fe71a88200f
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c5310fe55b411c576b30cda56f82773bc7227cf7dc069cbd80810968d9172ba8
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
c607456fb966b302ee1c727930e8bdafe0527ccceda6968b72969326e1893111
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc25b02d300d03387f33cf4da0afac85cb3c141b9f7cd03d82f8a33d60b79acc
cdd44ad6f154d53357ab907d83df44d2e85636ae2f9afffd2b58c1b361625409
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1cfcd3cac2859e93266bbf0f2a9ad9dab7eacbb51fc4b2f730669fa97ea468f
d85ca8586e1f1cb0d61a05cc405d33700aef58f7bdc9e71ef6b68323b7604ef6
d9cdb52e211f427abcf33b12f928dd2c83ae4630d73b6b234fa9dfac30ca55bb
d9e32d14eae4dd2bf3e342e71c482cb607435898e7d0b5720c3b638683f22b2d
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbdf1cd6d180a0c59bf9068bb444126e7c6f9debecfbd3b20b99e8e41d83d1cb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deaa7065055f42e86e37612bbdc5aa850a777de5fbee8740f358c7dbb45b7921
df472d39b2c5b223f444a7fa31ecea18bea3de58600c34f945834d3690996453
e0e8435ebde651ac7f129aa4d356b8a05383d3c3127395a1e1694e01c33bcb19
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1a3214e6ad4fe4355c5b99490b2e66ed2331ae65f8d7bdb8a864552c4532dfb
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e3072e1fb5d3b9602201430bf5adaddd2d962b201e104bd11861cadc7c518308
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e780c52b8416b6950c01d110145c0635e92647a9992e05e88368825af0fc5d2c
e8120fc8c7e91c95a395f16edeaed21f80f643be594d6849c7f8e59d50f3880b
e9fa6dbc13054201cb25b90df7e59e4cd0d311f1feda7fe2b91ff2ef931fb152
ea90346dcacd7d04a7b9fe800dd3e5d90d29c94fd382dc9ed63c3f1ab1c0abe9
eabea07adbedb72ec5fa08a82e032a0bea763a2c6d563c2f479c1751b74adaa7
ec575b64667939b945aaba8d9739a20004bd36506ae6e6f4ceb95784bd9e6a8e
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
ec9d8c907138c1545c1e92a42a86e0fc451ecedf5259d0562ec2192429092451
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1de196d21cc8c1648dd4f77219c6e0d3d8660fcef059a2c6159bc023906398
efacb49c049bb29559d1f5285322c54bf9d87e1fe3811fe2dcc6084b271ac943
f04c670291bf2189a6f21ea8acee816424ea50b6ea1c4cda513ff82e4dad9c3b
f0e9c6e7895185acaa731ed8477b58c3a1e5174c7bf743031f5fd42c98f44b20
f0fa06655078e0ac20e2af926a55c9e56ce3484ddc439cb4643a7f8c8f6ac031
f36adc07db49e73c3fd3aeb4234d270725f07719706dd28dfc09657f2cffe9d6
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5691575665cba6ca2c73f214b5cec3a85c518d68eb2a75111c4a405038783cc
f726950d59b401eb5428d09e0db746e16235d45a351934c5ab6ce7a010ffd401
f76a38d24efdb56a2e2aae1d3c3e6395126aafca398a7432099d040404d05000
f7a0fcb6dc2faf553d3093b228519114b09d538dde82fcea861a90635aae4363
ff0bc02ed9d54e8424f2fa773f2077ed1ab53e118817514269d17dc716b6f9af

tribuneonlineng.com Open in urlscan Pro 162.159.137.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

309 Requests

89 %HTTPS

0 %IPv6

64 Domains

103 Subdomains

79 IPs

7 Countries

3711 kBTransfer

11125 kBSize

101 Cookies

20 Outgoing links

Page URL History

Redirected requests

309 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tribuneonlineng.com Open in urlscan Pro
162.159.137.54 Public Scan

Screenshot
Live screenshot

Full Image

309
Requests

89 %
HTTPS

0 %
IPv6

64
Domains

103
Subdomains

79
IPs

7
Countries

3711 kB
Transfer

11125 kB
Size

101
Cookies

309 HTTP transactions
5 data transactions