urlscan.io logo urlscan.io
SecurityTrails logo

www.thetimestribune.com Open in urlscan Pro
192.104.182.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://thetimestribune.com.admin-us2.cas.ms/
Effective URL: https://www.thetimestribune.com/
Submission: On December 15 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 154 IPs in 12 countries across 165 domains to perform 797 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is www.thetimestribune.com.
TLS certificate: Issued by GTS CA 1P5 on November 15th 2022. Valid for: 3 months.
This is the only time www.thetimestribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 52.151.238.5 8075 (MICROSOFT...)
7 2600:1400:900... 20940 (AKAMAI-ASN1)
1 11 192.104.182.209 10668 (LEE-ASN)
52 104.16.132.24 13335 (CLOUDFLAR...)
1 108.156.172.102 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 108.156.172.86 16509 (AMAZON-02)
21 2607:f8b0:400... 15169 (GOOGLE)
3 108.156.172.99 16509 (AMAZON-02)
4 216.17.34.108 10242 (USINTERNET)
1 104.81.241.61 16625 (AKAMAI-AS)
1 1 108.156.172.9 16509 (AMAZON-02)
1 35.155.108.1 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 108.156.172.44 16509 (AMAZON-02)
1 2606:2800:11f... 15133 (EDGECAST)
3 54.82.174.208 14618 (AMAZON-AES)
2 34.202.114.247 14618 (AMAZON-AES)
10 2600:9000:24f... 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
4 2600:1901:0:6... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
6 108.156.168.23 16509 (AMAZON-02)
1 2600:9000:24f... 16509 (AMAZON-02)
21 2607:f8b0:400... 15169 (GOOGLE)
1 108.156.184.9 16509 (AMAZON-02)
2 7 2620:116:800b... 14618 (AMAZON-AES)
1 2600:9000:24f... 16509 (AMAZON-02)
3 54.88.76.203 14618 (AMAZON-AES)
9 34.213.190.9 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
4 108.156.167.180 16509 (AMAZON-02)
1 2600:9000:24f... 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
38 104.72.145.167 16625 (AKAMAI-AS)
2 108.156.187.204 16509 (AMAZON-02)
3 2620:100:a001... 19750 (AS-CRITEO)
10 19 68.67.160.114 29990 (ASN-APPNEX)
7 30 35.244.159.8 15169 (GOOGLE)
2 2602:803:c002... 26667 (RUBICONPR...)
3 11 172.64.154.237 13335 (CLOUDFLAR...)
13 3.208.125.27 14618 (AMAZON-AES)
28 34.236.83.94 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 2620:116:800b... 14618 (AMAZON-AES)
2 108.156.172.69 16509 (AMAZON-02)
7 108.156.172.74 16509 (AMAZON-02)
1 130.211.10.17 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 52.160.40.218 8075 (MICROSOFT...)
1 2600:9000:24f... 16509 (AMAZON-02)
2 7 52.207.194.90 14618 (AMAZON-AES)
2 20 52.46.155.104 16509 (AMAZON-02)
1 54.213.236.150 16509 (AMAZON-02)
12 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2001:4de0:ac1... 20446 (STACKPATH...)
1 3.231.49.203 14618 (AMAZON-AES)
3 2600:1f18:44f... 14618 (AMAZON-AES)
2 2620:100:a001::4 19750 (AS-CRITEO)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 6 35.190.60.146 15169 (GOOGLE)
1 1 107.178.254.65 15169 (GOOGLE)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 104.18.99.194 13335 (CLOUDFLAR...)
18 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
2 2 2600:9000:24f... 16509 (AMAZON-02)
5 5 34.150.170.96 396982 (GOOGLE-CL...)
4 4 34.233.171.12 14618 (AMAZON-AES)
3 19 104.72.144.21 16625 (AKAMAI-AS)
1 44.205.97.245 14618 (AMAZON-AES)
4 13 34.225.32.205 14618 (AMAZON-AES)
4 104.81.240.200 16625 (AKAMAI-AS)
6 23.78.168.242 16625 (AKAMAI-AS)
4 4 2606:ae80:147... 25751 (VALUECLICK)
4 6 63.251.114.136 32475 (SINGLEHOP...)
3 34.117.126.186 396982 (GOOGLE-CL...)
18 20.60.81.107 8075 (MICROSOFT...)
5 34.102.227.237 396982 (GOOGLE-CL...)
4 34.117.86.81 396982 (GOOGLE-CL...)
11 11 199.127.204.142 26120 (RHYTHMONE)
12 13 35.71.131.137 16509 (AMAZON-02)
1 24 3.214.33.241 14618 (AMAZON-AES)
8 8 216.200.232.253 30419 (MEDIAMATH...)
1 4 23.92.190.69 10913 (INTERNAP-BLK)
4 4 35.207.24.140 15169 (GOOGLE)
14 40 142.250.80.34 15169 (GOOGLE)
3 3 199.38.167.131 54312 (ROCKETFUEL)
3 3 44.194.228.115 14618 (AMAZON-AES)
7 7 68.67.179.166 29990 (ASN-APPNEX)
6 6 151.101.2.49 54113 (FASTLY)
19 19 35.211.178.172 19527 (GOOGLE-2)
3 3 35.190.90.30 15169 (GOOGLE)
3 5 107.178.246.49 15169 (GOOGLE)
1 4 108.156.184.51 16509 (AMAZON-02)
2 2 70.42.32.31 22075 (AS-OUTBRAIN)
1 2 23.44.211.156 16625 (AKAMAI-AS)
2 2 198.148.27.139 19189 (PULSEPOINT)
3 4 70.42.32.63 22075 (AS-OUTBRAIN)
2 7 2600:1f18:4e9... 14618 (AMAZON-AES)
3 3 54.235.189.154 14618 (AMAZON-AES)
2 2 150.136.26.45 31898 (ORACLE-BM...)
1 2 169.197.150.7 398989 (DEEPINTENT)
2 3 199.187.193.182 47043 (SMARTADSE...)
1 1 20.127.253.7 8075 (MICROSOFT...)
2 5 162.19.138.120 16276 (OVH)
2 2 18.214.193.123 14618 (AMAZON-AES)
2 2 202.241.208.52 4694 (IDCF IDC ...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 23.32.172.185 16625 (AKAMAI-AS)
20 24 8.28.7.82 62713 (AS-PUBMATIC)
14 34 8.28.7.83 62713 (AS-PUBMATIC)
1 3 162.248.18.34 62713 (AS-PUBMATIC)
5 5 8.43.72.97 26667 (RUBICONPR...)
6 172.64.151.162 13335 (CLOUDFLAR...)
3 8.28.7.81 62713 (AS-PUBMATIC)
11 15 8.43.72.98 26667 (RUBICONPR...)
1 52.94.223.37 16509 (AMAZON-02)
4 199.232.196.124 54113 (FASTLY)
2 3.210.251.205 14618 (AMAZON-AES)
1 1 67.202.105.24 32748 (STEADFAST)
1 54.81.25.165 14618 (AMAZON-AES)
5 6 54.175.230.119 14618 (AMAZON-AES)
4 5 2620:112:f002... 6336 (TURN-US-ASN)
5 6 52.45.33.138 14618 (AMAZON-AES)
2 18 192.40.39.223 27381 (CASALE-MEDIA)
1 1 141.226.224.48 200478 (TABOOLA-AS)
1 1 18.220.131.167 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 34.107.222.173 396982 (GOOGLE-CL...)
5 2607:f8b0:400... 15169 (GOOGLE)
4 52.46.145.177 16509 (AMAZON-02)
24 199.232.192.124 54113 (FASTLY)
2 35.153.91.195 14618 (AMAZON-AES)
2 3 44.211.1.254 14618 (AMAZON-AES)
1 1 2600:1f18:61c... 14618 (AMAZON-AES)
8 8 18.214.96.241 14618 (AMAZON-AES)
3 2a04:4e42:400... 54113 (FASTLY)
4 4 54.85.193.37 14618 (AMAZON-AES)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 51.222.239.230 16276 (OVH)
2 2 44.196.110.42 14618 (AMAZON-AES)
1 1 8.2.111.13 46636 (NATCOWEB)
2 4 142.251.35.166 15169 (GOOGLE)
4 3.220.222.172 14618 (AMAZON-AES)
3 151.101.1.108 54113 (FASTLY)
1 34.120.23.223 396982 (GOOGLE-CL...)
3 8.28.7.84 62713 (AS-PUBMATIC)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 1 23.23.107.195 14618 (AMAZON-AES)
1 2 35.227.252.103 15169 (GOOGLE)
4 4 207.198.113.89 13768 (COGECO-PEER1)
18 30 2600:9000:24f... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.120.58.62 396982 (GOOGLE-CL...)
2 2 35.210.53.219 15169 (GOOGLE)
1 4 199.187.193.185 47043 (SMARTADSE...)
1 74.119.119.150 19750 (AS-CRITEO)
4 4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 52.24.202.12 16509 (AMAZON-02)
1 2 54.204.251.148 14618 (AMAZON-AES)
1 2 50.57.31.206 19994 (RACKSPACE)
1 2 204.2.255.233 2914 (NTT-LTD-2914)
1 2 54.87.95.148 14618 (AMAZON-AES)
1 108.156.172.121 16509 (AMAZON-02)
34 41 2600:9000:24f... 16509 (AMAZON-02)
4 4 108.156.184.13 16509 (AMAZON-02)
4 5 185.167.164.39 198622 (ADFORM)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 52.4.210.20 14618 (AMAZON-AES)
1 1 34.200.205.254 14618 (AMAZON-AES)
1 2 199.187.193.192 47043 (SMARTADSE...)
4 4 35.214.223.115 15169 (GOOGLE)
9 9 35.71.139.29 16509 (AMAZON-02)
2 2 2600:1f18:612... 14618 (AMAZON-AES)
1 2 63.251.28.234 13789 (INTERNAP-...)
8 2600:9000:24f... 16509 (AMAZON-02)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 3.215.101.237 14618 (AMAZON-AES)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 74.119.119.139 19750 (AS-CRITEO)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 2 173.231.178.85 32475 (SINGLEHOP...)
1 1 69.90.254.78 13768 (COGECO-PEER1)
2 2 54.243.126.57 14618 (AMAZON-AES)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
4 4 104.99.26.140 16625 (AKAMAI-AS)
1 1 172.104.64.149 63949 (LINODE-AP...)
1 5.161.47.120 213230 (HETZNER-C...)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 1 104.45.178.220 8075 (MICROSOFT...)
2 2 35.201.96.126 15169 (GOOGLE)
1 8.28.7.109 62713 (AS-PUBMATIC)
2 2 141.94.171.214 16276 (OVH)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 69.166.1.14 ()
2 104.117.182.27 ()
9 23.64.60.21 ()
4 184.29.143.137 ()
5 23.49.100.28 ()
10 34.111.96.116 ()
2 23.44.133.31 ()
1 1 3.234.62.154 ()
1 34.96.105.8 ()
1 1 185.98.54.153 ()
1 2 96.16.29.148 ()
1 1 4.78.226.232 ()
1 99.80.118.88 ()
1 1 198.24.170.28 ()
2 2 15.235.43.120 ()
1 2 54.236.78.230 ()
797 154
1    52.151.238.5 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
thetimestribune.com.admin-us2.cas.ms
7    2600:1400:9000::687e:76f8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
mcasproxy.azureedge.net
csp.azureedge.net
11    192.104.182.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
thetimestribune.com
www.thetimestribune.com
52    104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.chicago2.vip.townnews.com
1    108.156.172.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-172-102.cmh68.r.cloudfront.net
tags.crwdcntrl.net
2    2607:f8b0:4006:81f::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    108.156.172.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-172-86.cmh68.r.cloudfront.net
cdn-gateflipp.flippback.com
21    2607:f8b0:4006:820::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    108.156.172.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-172-99.cmh68.r.cloudfront.net
prod.adspsp.com
4    216.17.34.108 (Minneapolis, United States)

ASN10242 (USINTERNET, US)
thetimestribune-cnhi-pw.newsmemory.com
1    104.81.241.61 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-81-241-61.deploy.static.akamaitechnologies.com
s.ntv.io
1    108.156.172.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-172-9.cmh68.r.cloudfront.net
d1gzrgn7m19oq9.cloudfront.net
1    35.155.108.1 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-108-1.us-west-2.compute.amazonaws.com
casmp.adperfect.com
2    2607:f8b0:4004:c0b::99 (Ashburn, United States)

ASN15169 (GOOGLE, US)
japfg-trending-content.appspot.com
2    108.156.172.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-172-44.cmh68.r.cloudfront.net
api.circularhub.com
1    2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
3    54.82.174.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-174-208.compute-1.amazonaws.com
static.cnhionline.com
2    34.202.114.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-114-247.compute-1.amazonaws.com
video.digi-me.com
10    2600:9000:24f7:1000:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
6    2607:f8b0:4006:80b::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2600:1901:0:636d::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
bandborder.com
3    2607:f8b0:4006:80b::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    108.156.168.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-168-23.cmh68.r.cloudfront.net
c.amazon-adsystem.com
1    2600:9000:24fd:dc00:1e:7118:9c80:93a1 (United States)

ASN16509 (AMAZON-02, US)
geo.adspsp.com
21    2607:f8b0:4006:821::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    108.156.184.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-184-9.cmh68.r.cloudfront.net
p.flipp.com
7    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2600:9000:24f7:9a00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
3    54.88.76.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-76-203.compute-1.amazonaws.com
jadserve.postrelease.com
9    34.213.190.9 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-190-9.us-west-2.compute.amazonaws.com
adspsp.com
1    2607:f8b0:4006:822::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
4    108.156.167.180 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-167-180.cmh68.r.cloudfront.net
cdn.segment.com
1    2600:9000:24f7:e200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
5    2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
38    104.72.145.167 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-72-145-167.deploy.static.akamaitechnologies.com
z.moatads.com
s-jsonp.moatads.com
px.moatads.com
voxcustomdfp152282307853.s.moatpixel.com
voxvidint960547728228.s.moatpixel.com
2    108.156.187.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-187-204.cmh68.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
3    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
19    68.67.160.114 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
30    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
cnhi-d.openx.net
u.openx.net
us-u.openx.net
justapinch-com-d.openx.net
eu-u.openx.net
2    2602:803:c002:300::99 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
11    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
13    3.208.125.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-125-27.compute-1.amazonaws.com
btlr.sharethrough.com
28    34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
c2shb.pubgw.yahoo.com
2    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantcount.com
2    108.156.172.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-172-69.cmh68.r.cloudfront.net
cdn-resources.prfct.cc
7    108.156.172.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-172-74.cmh68.r.cloudfront.net
a.wishabi.com
1    130.211.10.17 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 17.10.211.130.bc.googleusercontent.com
www.justapinch.com
3    2607:f8b0:4006:80c::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.cityspark.com
1    2600:9000:24fd:4e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
7    52.207.194.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-194-90.compute-1.amazonaws.com
ad.crwdcntrl.net
sync.crwdcntrl.net
id.crwdcntrl.net
20    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    54.213.236.150 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-236-150.us-west-2.compute.amazonaws.com
api.segment.io
12    2607:f8b0:4006:80e::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
4    2607:f8b0:4006:80b::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
3    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    3.231.49.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-49-203.compute-1.amazonaws.com
ping.chartbeat.net
3    2600:1f18:44f0:4800:250:51f2:8e30:528d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
3    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
6    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.99.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
18    2607:f8b0:4006:822::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2607:f8b0:4006:821::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2600:9000:24fd:6e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
5    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
4    34.233.171.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-171-12.compute-1.amazonaws.com
ad.360yield.com
match.360yield.com
19    104.72.144.21 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-72-144-21.deploy.static.akamaitechnologies.com
cs.media.net
hblg.media.net
warp.media.net
cvision.media.net
1    44.205.97.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-97-245.compute-1.amazonaws.com
rtb.gumgum.com
13    34.225.32.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-32-205.compute-1.amazonaws.com
match.sharethrough.com
4    104.81.240.200 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-81-240-200.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    23.78.168.242 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-168-242.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    2606:ae80:1471:19::1050 (United States)

ASN25751 (VALUECLICK, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
6    63.251.114.136 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
3    34.117.126.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.126.117.34.bc.googleusercontent.com
bids.concert.io
18    20.60.81.107 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
citysparkstorage.blob.core.windows.net
5    34.102.227.237 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 237.227.102.34.bc.googleusercontent.com
f.wishabi.net
4    34.117.86.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.86.117.34.bc.googleusercontent.com
images.wishabi.net
11    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
13    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
24    3.214.33.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-33-241.compute-1.amazonaws.com
usersync.gumgum.com
8    216.200.232.253 (New Market, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    23.92.190.69 (Charlotte, United States)

ASN10913 (INTERNAP-BLK, US)
ce.lijit.com
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
40    142.250.80.34 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
cm.g.doubleclick.net
3    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    44.194.228.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-228-115.compute-1.amazonaws.com
sync.srv.stackadapt.com
7    68.67.179.166 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
6    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
19    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
5    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
4    108.156.184.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-184-51.cmh68.r.cloudfront.net
aa.agkn.com
2    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    23.44.211.156 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-44-211-156.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
7    2600:1f18:4e9:5a02:3207:2d8f:6030:21a0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    54.235.189.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-189-154.compute-1.amazonaws.com
sync.ipredictive.com
2    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
5    162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
lb.eu-1-id5-sync.com
2    18.214.193.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-193-123.compute-1.amazonaws.com
cs.emxdgt.com
2    202.241.208.52 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    23.32.172.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-172-185.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
24    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
34    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
3    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
5    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
token.rubiconproject.com
6    172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
15    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    199.232.196.124 (United States)

ASN54113 (FASTLY, US)
cdn.concert.io
2    3.210.251.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-251-205.compute-1.amazonaws.com
i.viafoura.co
notifications.viafoura.co
1    67.202.105.24 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    54.81.25.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-25-165.compute-1.amazonaws.com
bpi.rtactivate.com
6    54.175.230.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-230-119.compute-1.amazonaws.com
i.liadm.com
5    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
6    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
18    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    18.220.131.167 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-220-131-167.us-east-2.compute.amazonaws.com
sync.adotmob.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    34.107.222.173 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.222.107.34.bc.googleusercontent.com
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app
5    2607:f8b0:4006:822::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
4    52.46.145.177 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
aax-us-east.amazon-adsystem.com
24    199.232.192.124 (United States)

ASN54113 (FASTLY, US)
hymnal-prod.vox-cdn.com
volume-assets.voxmedia.com
2    35.153.91.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-91-195.compute-1.amazonaws.com
usersync.samplicio.us
3    44.211.1.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-211-1-254.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    2600:1f18:61c0:2204:5d2:2a49:8c46:6613 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
8    18.214.96.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-96-241.compute-1.amazonaws.com
match.prod.bidr.io
3    2a04:4e42:400::272 (United States)

ASN54113 (FASTLY, US)
m.media-amazon.com
images-na.ssl-images-amazon.com
4    54.85.193.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-193-37.compute-1.amazonaws.com
pm.w55c.net
i.w55c.net
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
2    44.196.110.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-110-42.compute-1.amazonaws.com
ssp.disqus.com
1    8.2.111.13 (United States)

ASN46636 (NATCOWEB, US)
cs.iqzone.com
4    142.251.35.166 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f6.1e100.net
ad.doubleclick.net
4    3.220.222.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-222-172.compute-1.amazonaws.com
geo.moatads.com
mb.moatads.com
3    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    34.120.23.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.23.120.34.bc.googleusercontent.com
engagefront.theweathernetwork.com
3    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    2600:1f18:ed:550a:e5e8:a01c:2029:474f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    23.23.107.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-107-195.compute-1.amazonaws.com
aorta.clickagy.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    207.198.113.89 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
30    2600:9000:24fd:3c00:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
2    2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    34.120.58.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.58.120.34.bc.googleusercontent.com
www.americanhometownmedia.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
4    199.187.193.185 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
4    2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
2    52.24.202.12 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-202-12.us-west-2.compute.amazonaws.com
a.usbrowserspeed.com
2    54.204.251.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-251-148.compute-1.amazonaws.com
io.narrative.io
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
2    204.2.255.233 (Pompano Beach, United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
2    54.87.95.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-95-148.compute-1.amazonaws.com
rtb.adentifi.com
1    108.156.172.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-172-121.cmh68.r.cloudfront.net
api.intentiq.com
41    2600:9000:24fd:5a00:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
4    108.156.184.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-184-13.cmh68.r.cloudfront.net
sync1.intentiq.com
5    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    52.4.210.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-210-20.compute-1.amazonaws.com
rtb.adstanding.com
1    34.200.205.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-205-254.compute-1.amazonaws.com
ads.yieldmo.com
2    199.187.193.192 (Canada)

ASN47043 (SMARTADSERVER, CA)
sync.smartadserver.com
4    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
9    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    2600:1f18:612b:4200:d154:f19:a39d:8ac (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
mb9eo.publishers.tremorhub.com
2    63.251.28.234 (United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
8    2600:9000:24fd:6a00:1:6448:6d00:93a1 (United States)

ASN16509 (AMAZON-02, US)
video.primis.tech
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    3.215.101.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-101-237.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
2    173.231.178.85 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    54.243.126.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-126-57.compute-1.amazonaws.com
t.pswec.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
4    104.99.26.140 (Querétaro, Mexico)

ASN16625 (AKAMAI-AS, US)
PTR: a104-99-26-140.deploy.static.akamaitechnologies.com
px.owneriq.net
1    172.104.64.149 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1674-149.members.linode.com
gocm.c.appier.net
1    5.161.47.120 (Germany)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.120.47.161.5.clients.your-server.de
matching.truffle.bid
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    8.28.7.109 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel.onaudience.com
2    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    69.166.1.14 (None, )

ASN- ()
apex.go.sonobi.com
2    104.117.182.27 (None, )

ASN- ()
qsearch-a.akamaihd.net
9    23.64.60.21 (None, )

ASN- ()
contextual.media.net
4    184.29.143.137 (None, )

ASN- ()
pxlclnmdecom-a.akamaihd.net
5    23.49.100.28 (None, )

ASN- ()
lg3.media.net
10    34.111.96.116 (None, )

ASN- ()
dts.clnmde.com
dts6.clnmde.com
2    23.44.133.31 (None, )

ASN- ()
res-a.akamaihd.net
1    3.234.62.154 (None, )

ASN- ()
cc.adingo.jp
1    34.96.105.8 (None, )

ASN- ()
tr.blismedia.com
1    185.98.54.153 (None, )

ASN- ()
s.uuidksinc.net
2    96.16.29.148 (None, )

ASN- ()
sync.teads.tv
1    4.78.226.232 (None, )

ASN- ()
oxp.mxptint.net
1    99.80.118.88 (None, )

ASN- ()
s.cpx.to
1    198.24.170.28 (None, )

ASN- ()
server.cpmstar.com
2    15.235.43.120 (None, )

ASN- ()
gu.dyntrk.com
2    54.236.78.230 (None, )

ASN- ()
dpm.demdex.net
Apex Domain
Subdomains		 Transfer
73 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 481
image8.pubmatic.com — Cisco Umbrella Rank: 594
image2.pubmatic.com — Cisco Umbrella Rank: 852
image4.pubmatic.com — Cisco Umbrella Rank: 824
image6.pubmatic.com — Cisco Umbrella Rank: 716
simage2.pubmatic.com — Cisco Umbrella Rank: 641
simage4.pubmatic.com — Cisco Umbrella Rank: 1176
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
aud.pubmatic.com — Cisco Umbrella Rank: 4185
58 KB
70 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
ad.doubleclick.net — Cisco Umbrella Rank: 161
214 KB
52 townnews.com
bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 18734
467 KB
46 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1696
sync.intentiq.com — Cisco Umbrella Rank: 1257
sync1.intentiq.com — Cisco Umbrella Rank: 3612
57 KB
41 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1139
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 837
9 KB
38 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2398
video.primis.tech — Cisco Umbrella Rank: 6021
3 MB
33 media.net
cs.media.net — Cisco Umbrella Rank: 1387
hblg.media.net
contextual.media.net
warp.media.net
lg3.media.net
cvision.media.net
438 KB
33 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
aax-us-east.amazon-adsystem.com — Cisco Umbrella Rank: 933
167 KB
32 openx.net
cnhi-d.openx.net — Cisco Umbrella Rank: 141198
u.openx.net — Cisco Umbrella Rank: 653
us-u.openx.net — Cisco Umbrella Rank: 411
rtb.openx.net — Cisco Umbrella Rank: 1546
justapinch-com-d.openx.net
eu-u.openx.net
5 KB
31 googlesyndication.com
6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
420 KB
29 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 482
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
23 KB
29 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
eus.rubiconproject.com — Cisco Umbrella Rank: 529
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 835
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 957
token.rubiconproject.com — Cisco Umbrella Rank: 563
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
49 KB
29 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 414
acdn.adnxs.com — Cisco Umbrella Rank: 576
74 KB
26 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 903
match.sharethrough.com — Cisco Umbrella Rank: 487
16 KB
25 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1429
usersync.gumgum.com — Cisco Umbrella Rank: 1909
8 KB
22 moatads.com
z.moatads.com — Cisco Umbrella Rank: 389
s-jsonp.moatads.com — Cisco Umbrella Rank: 15087
geo.moatads.com — Cisco Umbrella Rank: 674
mb.moatads.com — Cisco Umbrella Rank: 654
px.moatads.com — Cisco Umbrella Rank: 442
535 KB
21 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
99 KB
20 moatpixel.com
voxcustomdfp152282307853.s.moatpixel.com — Cisco Umbrella Rank: 11849
voxvidint960547728228.s.moatpixel.com — Cisco Umbrella Rank: 17881
5 KB
19 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
9 KB
18 voxmedia.com
volume-assets.voxmedia.com — Cisco Umbrella Rank: 16887
3 MB
18 windows.net
citysparkstorage.blob.core.windows.net — Cisco Umbrella Rank: 28199
2 MB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
7 KB
13 adspsp.com
prod.adspsp.com — Cisco Umbrella Rank: 16512
geo.adspsp.com — Cisco Umbrella Rank: 66531
adspsp.com — Cisco Umbrella Rank: 14733
116 KB
11 google.com
ampcid.google.com — Cisco Umbrella Rank: 2240
analytics.google.com — Cisco Umbrella Rank: 353
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
11 thetimestribune.com
thetimestribune.com
www.thetimestribune.com
135 KB
10 clnmde.com
dts.clnmde.com
dts6.clnmde.com
2 KB
10 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 581
ce.lijit.com — Cisco Umbrella Rank: 842
10 KB
10 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 11395
292 KB
9 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 335
4 KB
9 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 761
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 532
sync.smartadserver.com — Cisco Umbrella Rank: 1433
4 KB
9 wishabi.net
f.wishabi.net — Cisco Umbrella Rank: 10569
images.wishabi.net — Cisco Umbrella Rank: 21675
284 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
401 KB
9 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1230
ad.crwdcntrl.net — Cisco Umbrella Rank: 7177
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
bcp.crwdcntrl.net — Cisco Umbrella Rank: 881
id.crwdcntrl.net — Cisco Umbrella Rank: 1446
17 KB
8 akamaihd.net
qsearch-a.akamaihd.net
pxlclnmdecom-a.akamaihd.net
res-a.akamaihd.net
126 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
4 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
4 KB
8 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 497
6 KB
7 liadm.com
i.liadm.com — Cisco Umbrella Rank: 552
i6.liadm.com — Cisco Umbrella Rank: 1943
4 KB
7 concert.io
bids.concert.io — Cisco Umbrella Rank: 8410
cdn.concert.io — Cisco Umbrella Rank: 8985
652 KB
7 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 331
id.rlcdn.com — Cisco Umbrella Rank: 567
api.rlcdn.com — Cisco Umbrella Rank: 802
1 KB
7 wishabi.com
a.wishabi.com — Cisco Umbrella Rank: 13766
3 KB
7 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 713
dis.criteo.com — Cisco Umbrella Rank: 658
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2835
9 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 939
pixel.quantserve.com — Cisco Umbrella Rank: 666
cms.quantserve.com — Cisco Umbrella Rank: 639
12 KB
7 azureedge.net
mcasproxy.azureedge.net — Cisco Umbrella Rank: 40752
csp.azureedge.net — Cisco Umbrella Rank: 30681
58 KB
6 vox-cdn.com
hymnal-prod.vox-cdn.com — Cisco Umbrella Rank: 12792
256 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 710
d.turn.com — Cisco Umbrella Rank: 1130
r.turn.com
3 KB
6 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 599
cdn.indexww.com — Cisco Umbrella Rank: 1485
5 KB
6 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 534
1 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
338 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 566
3 KB
5 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 409
936 B
5 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 11742
i.viafoura.co — Cisco Umbrella Rank: 11598
notifications.viafoura.co — Cisco Umbrella Rank: 14046
4 KB
5 simpli.fi
tag.simpli.fi Failed
um.simpli.fi — Cisco Umbrella Rank: 759
2 KB
4 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 870
3 KB
4 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 752
1 KB
4 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 3312
2 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 578
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 688
i.w55c.net
3 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 413
4 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 711
1 KB
4 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 448
3 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 901
1 KB
4 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4819
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2838
1 KB
4 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 645
match.360yield.com
1 KB
4 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1372
33 KB
4 bandborder.com
bandborder.com — Cisco Umbrella Rank: 121015
26 KB
4 newsmemory.com
thetimestribune-cnhi-pw.newsmemory.com
182 KB
3 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4141
oxp.mxptint.net
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1844
2 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1375
1 KB
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 846
1 KB
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 977
807 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 707
2 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
2 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
85 KB
3 jquery.com
code.jquery.com — Cisco Umbrella Rank: 686
15 KB
3 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 68
33 KB
3 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 971
3 KB
3 gstatic.com
fonts.gstatic.com
84 KB
3 cnhionline.com
static.cnhionline.com — Cisco Umbrella Rank: 124643
72 KB
2 demdex.net
dpm.demdex.net
2 KB
2 dyntrk.com
gu.dyntrk.com
1 KB
2 teads.tv
sync.teads.tv
613 B
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 2740
mwzeom.zeotap.com
850 B
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3040
953 B
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3765
625 B
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 3103
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1303
1011 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 595
1 KB
2 tremorhub.com
mb9eo.publishers.tremorhub.com — Cisco Umbrella Rank: 6881
735 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1008
558 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1107
1 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 2021
643 B
2 usbrowserspeed.com
a.usbrowserspeed.com — Cisco Umbrella Rank: 7131
471 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4507
749 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1383
94 KB
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1235
763 B
2 media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 465
52 KB
2 samplicio.us
usersync.samplicio.us — Cisco Umbrella Rank: 2438
528 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 527
701 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 898
2 KB
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1031
525 B
2 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1380
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3206
966 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 799
596 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1274
1 KB
2 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 518
1 KB
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 504
1 KB
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 522
1 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 655
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 500
478 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 367
954 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
58 KB
2 prfct.cc
cdn-resources.prfct.cc — Cisco Umbrella Rank: 90475
3 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 868
pixel.quantcount.com — Cisco Umbrella Rank: 2669
793 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
89 KB
2 digi-me.com
video.digi-me.com — Cisco Umbrella Rank: 226438
4 KB
2 cityspark.com
cdn.cityspark.com — Cisco Umbrella Rank: 33320
p.cityspark.com — Cisco Umbrella Rank: 22782
12 KB
2 circularhub.com
api.circularhub.com — Cisco Umbrella Rank: 28414
158 KB
2 appspot.com
japfg-trending-content.appspot.com — Cisco Umbrella Rank: 60907
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
1 cpmstar.com
server.cpmstar.com
609 B
1 cpx.to
s.cpx.to
878 B
1 uuidksinc.net
s.uuidksinc.net
291 B
1 blismedia.com
tr.blismedia.com
173 B
1 adingo.jp
cc.adingo.jp
452 B
1 sonobi.com
apex.go.sonobi.com
942 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1122
410 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5149
278 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 4752
369 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 5627
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 1955
395 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2002
292 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1201
674 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2014
555 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 629
437 B
1 adstanding.com
rtb.adstanding.com — Cisco Umbrella Rank: 8722
360 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3458
465 B
1 americanhometownmedia.com
www.americanhometownmedia.com — Cisco Umbrella Rank: 73368
103 KB
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1552
650 B
1 theweathernetwork.com
engagefront.theweathernetwork.com — Cisco Umbrella Rank: 1673
309 B
1 iqzone.com
cs.iqzone.com — Cisco Umbrella Rank: 1687
820 B
1 ssl-images-amazon.com
images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 774
2 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 690
378 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1484
557 B
1 permutive.app
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app — Cisco Umbrella Rank: 11454
166 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2127
418 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1368
706 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 929
311 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1644
109 B
1 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 848
537 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 705
634 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1227
201 B
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1049
179 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 587
466 B
1 justapinch.com
www.justapinch.com — Cisco Umbrella Rank: 57083
22 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1412
15 KB
1 flipp.com
p.flipp.com — Cisco Umbrella Rank: 15235
1 adperfect.com
casmp.adperfect.com — Cisco Umbrella Rank: 128478
3 KB
1 cloudfront.net
d1gzrgn7m19oq9.cloudfront.net
550 B
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3120
148 KB
1 flippback.com
cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 15556
18 KB
1 cas.ms
thetimestribune.com.admin-us2.cas.ms
1 KB
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 advertising.com Failed
adserver-us.adtech.advertising.com Failed
797 165
Domain Requested by
52 bloximages.chicago2.vip.townnews.com www.thetimestribune.com
41 sync.intentiq.com 34 redirects
40 cm.g.doubleclick.net 14 redirects ap.lijit.com
rtb.gumgum.com
eus.rubiconproject.com
us-u.openx.net
6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
bcp.crwdcntrl.net
30 live.primis.tech 18 redirects thetimestribune.com.admin-us2.cas.ms
live.primis.tech
www.thetimestribune.com
26 c2shb.ssp.yahoo.com prod.adspsp.com
www.americanhometownmedia.com
25 simage2.pubmatic.com 10 redirects ads.pubmatic.com
www.thetimestribune.com
ssbsync.smartadserver.com
24 image8.pubmatic.com 20 redirects ads.pubmatic.com
www.thetimestribune.com
live.primis.tech
24 usersync.gumgum.com 1 redirects ap.lijit.com
rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
22 us-u.openx.net 3 redirects prod.adspsp.com
us-u.openx.net
www.americanhometownmedia.com
21 www.google-analytics.com www.googletagmanager.com
www.thetimestribune.com
thetimestribune.com.admin-us2.cas.ms
cdn.concert.io
www.google-analytics.com
21 securepubads.g.doubleclick.net www.thetimestribune.com
securepubads.g.doubleclick.net
thetimestribune.com.admin-us2.cas.ms
www.googletagservices.com
prod.adspsp.com
20 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
ap.lijit.com
match.sharethrough.com
rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
ssum-sec.casalemedia.com
us-u.openx.net
6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
19 x.bidswitch.net 19 redirects
19 ib.adnxs.com 10 redirects prod.adspsp.com
acdn.adnxs.com
www.americanhometownmedia.com
18 volume-assets.voxmedia.com cdn.concert.io
18 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
18 citysparkstorage.blob.core.windows.net www.thetimestribune.com
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
tpc.googlesyndication.com
15 pixel.rubiconproject.com 11 redirects eus.rubiconproject.com
13 match.adsrvr.org 12 redirects live.primis.tech
13 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
www.thetimestribune.com
13 btlr.sharethrough.com prod.adspsp.com
12 voxcustomdfp152282307853.s.moatpixel.com www.thetimestribune.com
10 px.moatads.com www.thetimestribune.com
10 cdn.viafoura.net www.thetimestribune.com
cdn.viafoura.net
9 contextual.media.net 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
contextual.media.net
us-u.openx.net
9 eb2.3lift.com 9 redirects
9 pagead2.googlesyndication.com www.thetimestribune.com
www.googletagservices.com
6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
9 image2.pubmatic.com 4 redirects ads.pubmatic.com
9 www.googletagservices.com securepubads.g.doubleclick.net
6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
thetimestribune.com.admin-us2.cas.ms
9 adspsp.com www.thetimestribune.com
9 www.thetimestribune.com www.thetimestribune.com
8 cvision.media.net 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
8 dts.clnmde.com pxlclnmdecom-a.akamaihd.net
6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
8 video.primis.tech www.thetimestribune.com
live.primis.tech
8 voxvidint960547728228.s.moatpixel.com www.thetimestribune.com
8 match.prod.bidr.io 8 redirects
8 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
8 sync.mathtag.com 8 redirects
8 sync.1rx.io 8 redirects
7 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
us-u.openx.net
7 secure.adnxs.com 7 redirects
7 a.wishabi.com www.thetimestribune.com
thetimestribune.com.admin-us2.cas.ms
7 z.moatads.com s.ntv.io
prod.adspsp.com
z.moatads.com
cdn.concert.io
6 hymnal-prod.vox-cdn.com prod.adspsp.com
www.thetimestribune.com
6 ups.analytics.yahoo.com 5 redirects us-u.openx.net
6 i.liadm.com 5 redirects ads.pubmatic.com
6 sync-tm.everesttech.net 6 redirects
6 ap.lijit.com 4 redirects s.amazon-adsystem.com
www.americanhometownmedia.com
6 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
prod.adspsp.com
6 c.amazon-adsystem.com prod.adspsp.com
c.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
live.primis.tech
6 www.googletagmanager.com www.thetimestribune.com
www.googletagmanager.com
5 lg3.media.net 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
thetimestribune.com.admin-us2.cas.ms
5 c1.adform.net 4 redirects ads.pubmatic.com
5 sync.crwdcntrl.net 2 redirects www.thetimestribune.com
bcp.crwdcntrl.net
5 www.google.com securepubads.g.doubleclick.net
6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 pixel.tapad.com 3 redirects ads.pubmatic.com
us-u.openx.net
5 f.wishabi.net www.thetimestribune.com
5 cs.media.net 3 redirects contextual.media.net
5 um.simpli.fi 5 redirects
5 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
4 pxlclnmdecom-a.akamaihd.net contextual.media.net
pxlclnmdecom-a.akamaihd.net
4 hblg.media.net thetimestribune.com.admin-us2.cas.ms
6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
4 px.owneriq.net 4 redirects
4 csync.loopme.me 4 redirects
4 sync1.intentiq.com 4 redirects
4 a.clickcertain.com 4 redirects
4 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
4 pixel-sync.sitescout.com 4 redirects
4 ad.doubleclick.net 2 redirects www.thetimestribune.com
4 aax-us-east.amazon-adsystem.com 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
aax-us-east.amazon-adsystem.com
www.thetimestribune.com
4 ad.turn.com 4 redirects
4 cdn.concert.io prod.adspsp.com
cdn.concert.io
hymnal-prod.vox-cdn.com
4 token.rubiconproject.com 4 redirects
4 id5-sync.com 2 redirects live.primis.tech
4 u.openx.net 4 redirects
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 aa.agkn.com 1 redirects us-u.openx.net
www.thetimestribune.com
bcp.crwdcntrl.net
4 rtb.mfadsrvr.com 4 redirects
4 ce.lijit.com 1 redirects ap.lijit.com
4 images.wishabi.net www.thetimestribune.com
4 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
live.primis.tech
4 idsync.rlcdn.com 2 redirects us-u.openx.net
bcp.crwdcntrl.net
4 csp.azureedge.net cdn.cityspark.com
csp.azureedge.net
4 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 pixel.quantserve.com www.thetimestribune.com
cdn.cityspark.com
cdn.jsdelivr.net
4 cdn.segment.com thetimestribune.com.admin-us2.cas.ms
cdn.segment.com
4 bandborder.com www.thetimestribune.com
bandborder.com
4 thetimestribune-cnhi-pw.newsmemory.com www.thetimestribune.com
thetimestribune-cnhi-pw.newsmemory.com
3 simage4.pubmatic.com ads.pubmatic.com
3 acdn.adnxs.com prod.adspsp.com
www.americanhometownmedia.com
3 pm.w55c.net 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 cdn.indexww.com ssum-sec.casalemedia.com
3 image6.pubmatic.com ads.pubmatic.com
3 js-sec.indexww.com prod.adspsp.com
www.americanhometownmedia.com
3 image4.pubmatic.com 1 redirects ads.pubmatic.com
3 ssbsync.smartadserver.com 2 redirects live.primis.tech
3 sync.ipredictive.com 3 redirects
3 odr.mookie1.com 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 p.rfihub.com 3 redirects
3 sync.targeting.unrulymedia.com 3 redirects
3 bids.concert.io prod.adspsp.com
www.thetimestribune.com
3 ad.360yield.com 3 redirects
3 cdn.jsdelivr.net cdn.cityspark.com
cdn.concert.io
live.primis.tech
3 api.viafoura.co cdn.viafoura.net
3 code.jquery.com bloximages.chicago2.vip.townnews.com
3 adservice.google.com securepubads.g.doubleclick.net
3 lh3.googleusercontent.com www.thetimestribune.com
3 htlb.casalemedia.com prod.adspsp.com
www.americanhometownmedia.com
3 bidder.criteo.com prod.adspsp.com
static.criteo.net
3 jadserve.postrelease.com s.ntv.io
www.thetimestribune.com
3 fonts.gstatic.com fonts.googleapis.com
3 static.cnhionline.com www.thetimestribune.com
3 prod.adspsp.com www.thetimestribune.com
securepubads.g.doubleclick.net
3 mcasproxy.azureedge.net thetimestribune.com.admin-us2.cas.ms
mcasproxy.azureedge.net
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 gu.dyntrk.com 2 redirects
2 sync.teads.tv 1 redirects 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
2 res-a.akamaihd.net 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
2 dts6.clnmde.com 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
2 warp.media.net 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
2 qsearch-a.akamaihd.net thetimestribune.com.admin-us2.cas.ms
2 pixel.onaudience.com 2 redirects
2 visitor.fiftyt.com 2 redirects
2 t.pswec.com 2 redirects
2 cm.adgrx.com 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 c2shb.pubgw.yahoo.com live.primis.tech
2 ads.stickyadstv.com 1 redirects live.primis.tech
2 mb9eo.publishers.tremorhub.com 2 redirects
2 sync.smartadserver.com 1 redirects
2 rtb.adentifi.com 1 redirects www.thetimestribune.com
2 pmp.mxptint.net 1 redirects www.thetimestribune.com
2 pubmatic-match.dotomi.com 2 redirects
2 uipglob.semasio.net 1 redirects www.thetimestribune.com
2 io.narrative.io 1 redirects www.thetimestribune.com
2 cms.quantserve.com 2 redirects
2 a.usbrowserspeed.com 2 redirects
2 pool.admedo.com 2 redirects
2 cdn.confiant-integrations.net www.googletagmanager.com
cdn.confiant-integrations.net
2 rtb.openx.net 1 redirects us-u.openx.net
2 mb.moatads.com z.moatads.com
2 geo.moatads.com z.moatads.com
2 ssp.disqus.com 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 m.media-amazon.com aax-us-east.amazon-adsystem.com
2 usersync.samplicio.us prod.adspsp.com
2 id.rlcdn.com 1 redirects us-u.openx.net
2 creativecdn.com 2 redirects
2 tg.socdm.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 match.deepintent.com 1 redirects rtb.gumgum.com
2 sync.technoratimedia.com 2 redirects
2 bh.contextweb.com 2 redirects
2 stags.bluekai.com 1 redirects us-u.openx.net
2 b1sync.zemanta.com 2 redirects
2 amazon-tam-match.dotomi.com 2 redirects
2 s.ad.smaato.net 2 redirects
2 p.adsymptotic.com 1 redirects www.thetimestribune.com
2 px.ads.linkedin.com 1 redirects eus.rubiconproject.com
2 static.criteo.net prod.adspsp.com
static.criteo.net
2 cdn-resources.prfct.cc d1gzrgn7m19oq9.cloudfront.net
2 analytics.google.com www.googletagmanager.com
2 fastlane.rubiconproject.com prod.adspsp.com
2 cnhi-d.openx.net prod.adspsp.com
2 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
2 connect.facebook.net www.thetimestribune.com
connect.facebook.net
2 video.digi-me.com www.thetimestribune.com
video.digi-me.com
2 api.circularhub.com www.thetimestribune.com
thetimestribune.com.admin-us2.cas.ms
2 japfg-trending-content.appspot.com www.thetimestribune.com
thetimestribune.com.admin-us2.cas.ms
2 fonts.googleapis.com www.thetimestribune.com
live.primis.tech
2 thetimestribune.com 1 redirects www.thetimestribune.com
1 server.cpmstar.com 1 redirects
1 eu-u.openx.net us-u.openx.net
1 i.w55c.net 1 redirects
1 s.cpx.to us-u.openx.net
1 oxp.mxptint.net 1 redirects
1 s.uuidksinc.net 1 redirects
1 tr.blismedia.com 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
1 cc.adingo.jp 1 redirects
1 match.360yield.com 1 redirects
1 r.turn.com 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
1 apex.go.sonobi.com www.americanhometownmedia.com
1 justapinch-com-d.openx.net www.americanhometownmedia.com
1 lb.eu-1-id5-sync.com live.primis.tech
1 mwzeom.zeotap.com ads.pubmatic.com
1 spl.zeotap.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 id.crwdcntrl.net live.primis.tech
1 api.rlcdn.com live.primis.tech
1 mug.criteo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 hbopenbid.pubmatic.com live.primis.tech
1 match.adsby.bidtheatre.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 rtb.adstanding.com 1 redirects
1 ads.playground.xyz 1 redirects
1 api.intentiq.com live.primis.tech
1 dis.criteo.com ads.pubmatic.com
1 www.americanhometownmedia.com thetimestribune.com.admin-us2.cas.ms
1 aorta.clickagy.com 1 redirects
1 i6.liadm.com us-u.openx.net
1 d.turn.com 1 redirects
1 engagefront.theweathernetwork.com www.thetimestribune.com
1 cs.iqzone.com 1 redirects
1 images-na.ssl-images-amazon.com aax-us-east.amazon-adsystem.com
1 onetag-sys.com 1 redirects
1 s.tribalfusion.com 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
1 notifications.viafoura.co cdn.viafoura.net
1 d.adroll.com 1 redirects
1 d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app cdn.concert.io
1 s.company-target.com 1 redirects
1 sync.adotmob.com 1 redirects
1 sync.taboola.com 1 redirects
1 bpi.rtactivate.com ads.pubmatic.com
1 ssc-cms.33across.com 1 redirects
1 i.viafoura.co cdn.viafoura.net
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 sync.inmobi.com 1 redirects
1 rtb.gumgum.com s.amazon-adsystem.com
1 pippio.com 1 redirects
1 ping.chartbeat.net www.thetimestribune.com
1 api.segment.io cdn.segment.com
1 ad.crwdcntrl.net www.thetimestribune.com
1 static.adsafeprotected.com bandborder.com
1 p.cityspark.com cdn.cityspark.com
1 www.justapinch.com www.thetimestribune.com
1 s-jsonp.moatads.com thetimestribune.com.admin-us2.cas.ms
1 pixel.quantcount.com secure.quantserve.com
1 rules.quantcount.com secure.quantserve.com
1 ampcid.google.com www.google-analytics.com
1 static.chartbeat.com thetimestribune.com.admin-us2.cas.ms
1 secure.quantserve.com thetimestribune.com.admin-us2.cas.ms
1 p.flipp.com cdn-gateflipp.flippback.com
1 geo.adspsp.com prod.adspsp.com
1 cdn.cityspark.com www.thetimestribune.com
1 casmp.adperfect.com www.thetimestribune.com
1 d1gzrgn7m19oq9.cloudfront.net 1 redirects
1 s.ntv.io www.thetimestribune.com
1 cdn-gateflipp.flippback.com www.thetimestribune.com
1 tags.crwdcntrl.net www.thetimestribune.com
1 thetimestribune.com.admin-us2.cas.ms
0 cs.admanmedia.com Failed www.thetimestribune.com
ssbsync.smartadserver.com
0 adserver-us.adtech.advertising.com Failed prod.adspsp.com
0 tag.simpli.fi Failed www.thetimestribune.com
797 256
Subject Issuer Validity Valid
*.azureedge.net
Microsoft Azure ECC TLS Issuing CA 01		 2022-07-27 -
2023-07-22		 a year crt.sh
thetimestribune.com
GTS CA 1P5		 2022-11-15 -
2023-02-13		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.flippback.com
Amazon		 2022-07-01 -
2023-07-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
prod.adspsp.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
*.newsmemory.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-31		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-24 -
2023-10-26		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
editorials.circularhub.com
Amazon		 2022-07-08 -
2023-08-06		 a year crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-24 -
2023-09-24		 a year crt.sh
*.cnhionline.com
Go Daddy Secure Certificate Authority - G2		 2022-07-29 -
2023-08-30		 a year crt.sh
*.digi-me.com
Go Daddy Secure Certificate Authority - G2		 2022-11-09 -
2023-12-05		 a year crt.sh
viafoura.com
Amazon		 2022-09-07 -
2023-10-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
bandborder.com
R3		 2022-11-10 -
2023-02-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-23 -
2022-12-22		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
geo.adspsp.com
Amazon		 2022-01-20 -
2023-02-18		 a year crt.sh
flipp.com
Amazon		 2022-08-31 -
2023-09-28		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.postrelease.com
Amazon		 2022-11-27 -
2023-12-25		 a year crt.sh
adspsp.com
Amazon		 2022-01-16 -
2023-02-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.segment.com
Amazon		 2022-12-13 -
2024-01-12		 a year crt.sh
quantserve.com
R3		 2022-11-11 -
2023-02-09		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-22 -
2023-06-21		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.adperfect.com
Amazon		 2022-04-15 -
2023-05-14		 a year crt.sh
justapinch.com
Go Daddy Secure Certificate Authority - G2		 2022-05-03 -
2023-05-08		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh
*.cityspark.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-08 -
2023-03-11		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.segment.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gumgum.com
Amazon		 2022-09-14 -
2023-10-11		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
bids.concert.io
GTS CA 1D4		 2022-10-31 -
2023-01-29		 3 months crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 02		 2022-11-17 -
2023-11-12		 a year crt.sh
f.wishabi.net
GTS CA 1D4		 2022-12-11 -
2023-03-11		 3 months crt.sh
images.wishabi.net
GTS CA 1D4		 2022-11-24 -
2023-02-22		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
concert.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-23 -
2023-04-24		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
rtactivate.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-27 -
2023-03-22		 6 months crt.sh
*.partner.permutive.app
R3		 2022-09-30 -
2022-12-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
aax-us-east.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.vox-cdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-04-13 -
2023-05-15		 a year crt.sh
*.samplicio.us
Amazon		 2022-03-18 -
2023-04-16		 a year crt.sh
images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2022-10-19 -
2023-10-18		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.americanninjawarriornation.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-18 -
2023-12-20		 a year crt.sh
engagefront.theweathernetwork.com
GTS CA 1D4		 2022-11-06 -
2023-02-04		 3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.primis.tech
Amazon RSA 2048 M01		 2022-10-24 -
2023-11-22		 a year crt.sh
*.confiant-integrations.net
E1		 2022-11-24 -
2023-02-22		 3 months crt.sh
www.americanhometownmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-05-12 -
2023-06-13		 a year crt.sh
adentifi.com
Amazon		 2022-08-05 -
2023-09-03		 a year crt.sh
*.intentiq.com
Amazon		 2022-03-20 -
2023-04-17		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-19 -
2023-05-19		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
truffle.bid
R3		 2022-10-03 -
2023-01-01		 3 months crt.sh
*.ctnsnet.com
DigiCert SHA2 Secure Server CA		 2022-09-27 -
2023-03-08		 5 months crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
dts.clnmde.com
GTS CA 1D4		 2022-11-27 -
2023-02-25		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-12-14 -
2023-03-14		 3 months crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-17 -
2023-01-17		 a year crt.sh

This page contains 95 frames:

Primary Page: https://www.thetimestribune.com/
Frame ID: 9A2FCA72B4F8DB6F85E3D5F4D52F6A2D
Requests: 307 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.25.27/html/session-context-restore.html
Frame ID: A10C425ED07CADE5EEF2A853302A5FA1
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&dcc=t
Frame ID: 234C07FA53362168A65AAFDF48426C2C
Requests: 1 HTTP requests in this frame

Frame: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 12F822535A5FE65912463301167E6CFC
Requests: 1 HTTP requests in this frame

Frame: https://api.circularhub.com/flyermodules?key=5d82d3b5b94cbe5b&t=1671116247063&campaignId=&engaged_flyers=&mtypeid=27217&callback=__flipp_module_callback
Frame ID: 1BE58C3DF3EAE3D640485292B6DE42C7
Requests: 17 HTTP requests in this frame

Frame: https://a.wishabi.com/sync/wid_iframe.html
Frame ID: D1B9B62D2F3A77A356336AC521F170A6
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 86CC9939571337BFAD3D8CEF5D3EB88C
Requests: 28 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 40BBB24F9E472EFDD371FAA80573DD7A
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_WroNQgsZf_uAmzTVrGd_r7zin6K_5myoqGgHCaccKBZPr188aO8eiLhkKUr_AQK1hRhFdEiYIxVL1kNaHluNEPqtM0CVyi-dcNb-ck8gKhwMN3LbKILNZHexo4QUZUuhsPi3nfsJn_7xBqzEgIReWuItDmALF6Z0Vtk0akGGbRg5Ls8QhTAZxi0RvScyiqrmYKirhTaGXS_KpoTtqkJpEr6n-NbTZw_nk7dOcc6VJp4HA0qgPL2oC44jxxqHTPnR4_c0plvWnymykiKQAzzKjRvp5QMaaYpmJJuumMt5cAecLQWl-a1-TVSZJ0w2PR8MktWENdj7H6AjxLM69yr7hdJsEr8Lhh67OlRwknXmeyIku7VdkI4SKzwqZQ&sai=AMfl-YTGnqIAUrKfCa6LZ1_oUorFN0jcZLtBLgDcH7feJd3sKpTBXsk9SHT0oss6fC-ODMBIIEprBnrryy0FHmGnxxDn9b8HfqcDMKyE3kVr75CULsy5e79mWHgC56wHiArqTS9Yp8ueSz_PUjO0pf2gg3w&sig=Cg0ArKJSzGY-kvv_eVsBEAE&uach_m=[UACH]&adurl=
Frame ID: B69EDA19CD6EF0315658927D649940F7
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu92cwKlBTQep5L5EcXtWRQv07DcHcludUhqGHqgKRZOo3oPH6AHdvTU_YO-0h9T8mHm9l4w6LE1zMwYT0VykuUDXfPQKnYRyD-Zpsw5HUkRCA8l2-xdXl0E4skcGlxWrVBS6j354q1YKmaht20b71culL9XLT9_xd7G5hGVCnsuMlpWagom5jcJPY0pfk-KLJpyBdYHWqqkn-Mlc1uDeSRvgjEpCOT1hASlyCjUdYb1OepX7iuaqy1EZJw-JHupGTIiAMmimtZMOySmHUh7JbCoy561M8fuahHgTfCF9hEvhKHD8ensQT5SQRGKDdVAN-4pfDkFePKui2qTgFPzfcYJQKplfMuF52B6x0alBo_y2Z6l3nb5vo53IV_9w&sai=AMfl-YRGSEjuBu7bvA-IXiDS3P8qk91ERwuKUTxVyZMS9-DBgJmC4sgI6MblaAwvJvPZvFCbRaucR9E2M9x6g6vV4Jcl2CQGxzJkBmfHwslLS67CEvzG7UQZpnN3NtxZsVGZBV-_TvQDs76-I68znWm5eEw&sig=Cg0ArKJSzPclqmEVsor5EAE&uach_m=[UACH]&adurl=
Frame ID: A419D512F796893B7CE58F73796E5543
Requests: 7 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: F06A443CE6A37C23FE2BA0CE1E3997B6
Requests: 16 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 7AF27336CC6AAC480BD85DF3BD6F6946
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 342D1CE75F174804CFF9304647B39348
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 7BE1987C8EFD6878F1A45B0FC2DF6643
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHyc6i5UI1qwMd1-RjAAAAAAA&expiration=1671202648&is_secure=true
Frame ID: 09CF7308B6F0FF8ABB6E381994F874A6
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 014FC939C144D867CF2E89DA271AACD8
Requests: 7 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=inm&i=ID5-3598dYeMH9LTtopk_3At5NEMerxF1_87bLVOkpu5Og
Frame ID: 9361DA57CA28F6F02B6434BE71D391F8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 0088583433B52218E3F156C105790718
Requests: 11 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=e063f1e7-594f-448d-9ec8-39652287366a
Frame ID: 5E274DB4351B6860CDF59674F3E1302F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=bb6e639b-35d8-4700-b24f-66a0bc478f25&gdpr=&gdpr_consent=
Frame ID: 903024685B059708F4BE1FDD466DB0CC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y5s12AAEM5AzzAAF&gdpr=&gdpr_consent=&_test=Y5s12AAEM5AzzAAF
Frame ID: F0E16D08CD4CF95D5914BAAE9B7CA884
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9iMTJhNDY2MS1mZjE0LTQ2YjYtOTQ3NC1lNDVkYjI0ZTkxMjI=&gdpr=&gdpr_consent=
Frame ID: 65871F2F266396AF35D24B46A577E882
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=57988376775515890brt56801671116248297150af
Frame ID: 4A0710CA0779A126A96989CD2379EF32
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y5s12MCo5ssAAI3nxagAAAAA
Frame ID: 9D662BA04064CA270E92278F6F3DDEB1
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y5s12O09IR-LnG.t1VrL1AAA%26145
Frame ID: 2F5EDA14E1F5E4233B937173157FB118
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=t3Z2AE7y1EhbQ0RUc4Z5&pi=gumgum&tc=1
Frame ID: 543C86A8C77644CA5AEF724D038B6913
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 65FA1A0A49CF73988CA2FE339163EDF4
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 26F1B1E2B73B7342F153D0A5A5515BD7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.concert.io/lib/bids/sync.html
Frame ID: 6AC16BBF2EBB0194C6F9927736194EA0
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: DEC71789217E56337388648676AC99F9
Requests: 10 HTTP requests in this frame

Frame: https://pr-bh.ybp.yahoo.com/sync/pubmatic/265CC617-1E50-470A-96B5-657054BAA8F9?gdpr=0&gdpr_consent=
Frame ID: B3F418298CE6EF04A78316B25B1519E6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=265CC617-1E50-470A-96B5-657054BAA8F9&redir=true&gdpr=0&gdpr_consent=
Frame ID: B8FD27512C6FF70E5351783E112AF0AE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID265CC617-1E50-470A-96B5-657054BAA8F9
Frame ID: 0320051159B0CC83AE85E4E76F8A0560
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Frame ID: 513643EF9B22B723B2EC8D2ADEADA255
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: ED9613D255136D01962B0F2CB5A84E72
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvI02aQ7S8CwsUAbWRtRvL5z0Sh7MppmFilMl0ODXRm2jWe44UICZIq-02ZI2QgWKmTmT_RpRI_BDwKDVqGlIHGp_hqBS_kXiXKxOEzyqNv55TD7Ldiyiwj55jLP3pn6kP9OCZ-uEwa6ISvy04llc0zY5_dbx34TE5CpI4KILcLwp5l2rkfETa01Dj3Hoeu7vE1cCJ6Q2LV6skuEAMzXbliG0r9jL2tiGDPqd-uDw40h70lZytflqQ_hF0b_Cf7JRgASv1urZNKkF_cU55kfXhK9s7X1KltgdHRV0eHiInkPhOx8sDA1U21jw3Fh87YurdiyUZH4T3rNtUhOqB-qS_6lcE500n69u6tH7SNRiTqzPDUs74HGMZd_sEqkg&sai=AMfl-YQT8Pt03C_6RqvpBNsDZQWdJqkJWxYZEdQU05oQhxcWNkbbVEDLWEky981WcuFMpBYEzNy4ItLnDc3HkwQO0r0ITaFjDFTgPSEkzf2HhhGhacyBrjRrYwoXTDhEiGgdYQ&sig=Cg0ArKJSzIOvably9VzQEAE&uach_m=[UACH]&adurl=
Frame ID: 91A195C273C7DBEBCB66BC23FA37B02D
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh7oIcqdUFIyBIK8aSYwKP5jgXyF_PvtIJrAElj7hId427Gxh2tLB4JJk8T98V8_qYJUk4kTKjpChzzJRdicjuZ-ymr-XaxDd6Ljng5cc3GRoTmys89pPd9loxmF2MopArdxaR3-aKqR392HPcObJotk4NZR7-Gyjqx41Q2Btqt3PswG3GQJSMXXPjxVyl8UZ3jRNx20f4K_gOGas1QabpianzhD79o8Pr4B3Fx5ibpl73k4dEoF3nMDQnZ4In7J7Li9-AJGZuwIQiFnu9bon2goVJv1234H3WnZKXQjx-SKNdlL2XCdE1rDV3y335x2n96YygevACsZjbvEgsgJZQyQ_wD6kTJquCimE4ksE&sai=AMfl-YTOpS1Bd7Jr1bKIkKzZrc7kFlHNoy4XZ4BaK6RdGj3zqRLihgOML189jwcwO5xS0cBTgh9Xs0Q2McAfoqGFtydjx13XN79LNp2Z8aRR-oFtXTFR-byLmuMMkpiruxF5Pw&sig=Cg0ArKJSzNFzIIMnHTBzEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5E80C4B8ACAE4B963700EAFF6A937AE3
Requests: 34 HTTP requests in this frame

Frame: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 97EA382EB7580C01CDCF9BF422CDAC32
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6eEA6RLc448qP-rIDT2wV53YFLw8jPkOVu1Fd_7ub2sgXYBYBg6_w5KU5SwR9B6T5RWcGRGbv4UNJ5vWPNIqEFDS22gBKSsWojewsVXCrJ6PvL9IdKmrIkfa8yLEbvYafRKeR25z6-pr_2ur6aegfQT-Vwh6jlB2V6a8kRTHNYaNNYRZ7br-Jj7TFaxMnYD53LGMSTks9dX2R0m3TKji4gsGdv09E7R79WwJaRQ1_u9tustRmJABc_NJni_U9mU-nabFnnB6fefBhbkt3EN7WK5boBiOJoRsmx3ADGF9739g_kem7VAGnw7gcr22mxzjJ3VY2H4LFq1EMWpgq0tzhdtz5pNs35orFq-7iP0s&sai=AMfl-YRU0ypmwdUgyrwQOKIHy3vTvXovsFDnKiSBHKYrGMpkZoE4By3AiJxNeShknQPtDoYHC4fYvjQrOwvoDUUNcpwgxfH7tnc4tOO7KP44absZk3XBZL4Tk5Rho82wFBDaNg&sig=Cg0ArKJSzC2iLXR02IHoEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2F0778E8108D251D25BE40717F1F4D8E
Requests: 36 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CD2A97C1A2ADCAE5F23722D410FFCA41
Requests: 10 HTTP requests in this frame

Frame: https://aax-us-east.amazon-adsystem.com/e/ax/creative?b=JFqUDIn18a-aDX5gCZNfFawAAAGFFkpXrgEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB&c=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrIb12DWbY4ikMYqZoPwPup-tgAKU6Z70XJWosJVkwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzMyNzY2MjQwODMwMzE1NsgBCeACAKgDAaoEsAJP0JmYLwApV9UMllBr1gSm-zmAdnGBk3C8OnkIjLNxj89qbh0sVuUTlmZcBC-zcD7nt61uSvBWikLVq61Mp3PcS8gzswa2FfQmZgiRzloPK9DI3c4367NF_-yqTd_BaqVhab3wBdFlfvoK7QU33A4s3f0WxzXtoi6IMkrvJ4ZvlsDO6U9uRb3RopVKi7kR1B8VRb1HwsKSjnKiBJs1KPnQ9oRR19HknktqqNrpJMnXbLP0nagFWJ8E4F0ULWOj80DU5HNNpY4mrz3p4KELj_ui0DY_9rb1TQPHVj2f-IAJVRROWsjgde0Y0zJybY5Xemo-4V1MqC6A6q5D9C2tJh00p4yr8k_y2zEbYKIS4rllWps9lpIM5a6g9JeSrOnCamVccaR_8o6kP_CnmALpK_GX4AQBgAaG3a-654KsgHOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qMt6Nnb4G9pMr5nhTXyZrBXSAPQ%26client%3Dca-pub-7327662408303156%26adurl%3D&w=Y5s12AAMUggJiAyKAAtPuio1zHxmw8Nk9Ktq2w&s=300x600&bcv=1&bc=cLHUQlZen.NLoIERIw5eV8kQdC.pj8s6R.tkhsH9VIOlaAY6I.aNpDI8Hu1tGgUCjFSKfA4tFqBxCvf8WW4MER1MQZ81Uo4MmXBz52LfJDG-wf9RO2zlNsCt6AsIC9vIDVNATtd0qFkm2t7J5cITLzIRVHeZllOVdPaPrkeatz.DuVwzXqAk3qMnrHMhLT0AWmqjy1z1Zsr5bz5GlDpV9bqmixuM85dqgNy-v4vcWaVfNRJ8URfXHBywVoCFOFQipelbz8b.aawhVHtc5xIaTgKYuGSMVUBTqz-HNpAnX2nIeAmZ0RUGvTVtHkwVPfZand8s95Rsg3htDsZ6xQbbXqDDjUozI2A2SHBGiOQDQTKm4ZVjeSjSBrErfkZQaU9FBG17YQXIi2H06d15CX2R8XO5xgvrMvmXbxgYoH4on7B-F59VS1gf3IsdUKbpiCtIIU8-WtdjeWo2O1Kqixxhm4WDzisLkUklHXjthuRUIAD-7pl1pO1BkQZra-zWuceeZl2Kx.SL4fypoMsRwOsbIsHEROaGhp8wNtVdoV001R9ua7BokuPmd7d0ReAYKCUwB02J-0pApiN0gQNLabEM7vn31fGJw4V4Kz1iriSCYokKIGaBiPrsox82w5byI7Bg
Frame ID: 107C1E3BD3763EF7EA3B0318D25BD083
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=doubleclick.net&cb=237171
Frame ID: B9AF9D2F451B486D3677E5095B359A6B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 15F5C74E30B4811494A4D02AF7D579E6
Requests: 9 HTTP requests in this frame

Frame: https://bids.concert.io/analytics/tracking?params=U2FsdGVkX1%2BzaZ8MdT6qjI3nEjbXV7n%2BXOlP2YzckXP1cHp3oEaLcjQY1n6mGPl%2FYPvjpNpne8hJCuMcBirxZKi9fDuynsfPQ7zSdQewDf6nk7VHhczh0INpoqkX0LCxgvsjFzlJsq%2FwbTu6xJaQnfyWfEWobAZrdRq8IUdfw%2FBNMLDaasQRNUTax0vh9yftY3hcVrJopvN4huUZYDrcBJTiBHxmjRRyf7MCnMGSLlMsS8ix8BmGiS9sNZWG5GMRKbaiLMjcAdO5nw8KNjI2lak0uDX9uGuL6zTPEMnLy1w2t8MmA8k%2FJMb2DQ1%2F4C8on9beJR3A7LOaee55nMHp8fmJ10Y%2FW5Bqo47hhoageYD33MLOjBIS1uwyKPxq31386liInGD2j9Uy3YLaQ41YHKvrXwMmcEckvMsSWIRNMp8XBuM4khBcg4UMVllvoXBTYC5njIKRoFQCxoVR%2FIw3Ow%3D%3D
Frame ID: 3E9B39EBE952612D1E7C5AD8AB71E519
Requests: 1 HTTP requests in this frame

Frame: https://bids.concert.io/analytics/tracking?params=U2FsdGVkX1%2FBC9R%2FJROe0AYlomNG9LpgKITrSDexvBHCuhyLkcQLtiJBfCVckMCVUGnyOtzUr%2BflN%2FtnN62KOk4TxbXsvuilY9%2B0f%2FgPBCSuAMKkDxCWQTXWcCDcrzzKgc7Cl9JsOudLwKBqzdGrp0XyJCMOr%2FY4oT8i5dRkF9ZjGp3usNh%2Bzw220LqGSiBeoyR0k8YJvxAd3D6rQVTeQleHCN%2FoX%2FtbPhzn%2FKjfeKI70ShWkmVMeOumcV29pX%2FhaMKuUhTMzkqtd8tPI1uFEyS41n0NEWtnMLBScyn57UliuDoi2oxY56mdsWcuOTdqGUaiGXdDjMpKUct74%2FGgHtzK9Cz335xdo8FMelivY1lU%2Fs9lW0ZFcTbw6%2FIeOuElyEPYBHs8Hwor7koCtAgNBKxz7PoXKxyql0vBFIrj2oRySU7E2d56URD7S40o8fYmKuvEVbX0P1QNLqiEDwIKoA%3D%3D
Frame ID: F66E7891EA4BBD94CF5D11D911BA63B3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1B4F7FD1C203EACD34620DE000D3495F
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2694F72EE4AAF1B0B42365055CE878BC
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F713510C8FDA24DAD3455F0B60095C96
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Frame ID: EED6AC28F538339360162AB03A1B857B
Requests: 11 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1671116251308&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1671116251&pubUrlAuto=https%3A%2F%2Fwww.thetimestribune.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: A265C208548406AA2C62735C79D9A668
Requests: 33 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Frame ID: 2C90958E4867A39B93FF7687A103CAE8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAtHk7HNmwAACIa0xycww&gdpr=0&gdpr_consent=
Frame ID: 0414B5922A22128A84DB1E77121217D7
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 76319119BB2F265FE2890480360F6315
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D32411A44C73C18B595BA35B15B145AE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Frame ID: 55CD643B8286B8953B55410CB1140FB1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Frame ID: A217C2F3D18BCE18E4923B5C4B428648
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=265CC617-1E50-470A-96B5-657054BAA8F9
Frame ID: 85A379854E34623661A484BEDF40C7EE
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 3A1DC31DC83B7468BC82BB50AA654ED8
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=0&gdpr_consent=
Frame ID: B2E41B794F1C2B4698803B118ED11AD4
Requests: 6 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=6893/rand=758503045/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20thetimestribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times-tribune.com%22%2C%22ref_url%22%3A%22thetimestribune.com.admin-us2.cas.ms%22%7D/rt=ifr
Frame ID: E0CCFB0C9F6EA3393A2F0A19A00D8325
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.thetimestribune.com
Frame ID: 1437AB18E93E1455260C4E802DEAFC76
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 970857204B810360B761CDB28E4B8922
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DAD2A1567EDE1D83539C226BCA67AF0
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Frame ID: 69E63BB00FFA76E30014E98170C1BA8F
Requests: 6 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent=
Frame ID: E3624A389290047BB21B6E015C680F90
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=cf3aa7c8-7c88-11ed-94d0-f3ed58af13a7
Frame ID: B57C87B5A71FA92332EAE58DC4D4FD68
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CbZNMz4RQrtN8cGbYeJHmQW16p4
Frame ID: B9287677E4C4212B368DEA476BFDBB08
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 46062926C5745C4E28A1A6B412413A05
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720581416291
Frame ID: A0DA92A37C1DD5D1120BD2C17537AE7F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:dRsvu7oN1P5PFT5&gdpr=0&gdpr_consent=
Frame ID: 9A997B6094679B0032053C0EA434609D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
Frame ID: 02F23210922C69EE2134B772BB30B2B2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=WBfL1WEtM
Frame ID: 6BB0DB59B8851DF7EF880DE82DDEF61B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: CAD1E4F1BD81FBB9647682616CB34705
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=265CC617-1E50-470A-96B5-657054BAA8F9
Frame ID: 3F21FAD1E0FFB86F9B8D4D663991F27F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7244026551091621944
Frame ID: 9A0DB9AB119B3AC81372883031495DF9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Rvrk3ly2BoyD3v9R3zWbYw
Frame ID: 5DC35431B4B685CB5CF582BBBF2F8311
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 603BCA421AC188152E3265C1F34F70A5
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: C82E3DCC1D8BBE702C34B0894C12C764
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: AA779FE9FAA0A35EA95F7B9F268CB482
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=ef49c071-ee6f-4a0a-8886-7fe35fb74c81
Frame ID: 2CD4CA1292BBDDF4938F3CD23C9EA6F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EE7C2CD6447D4FB782121DE57AC7E703&gdpr=0&gdpr_consent=
Frame ID: 3EE87859CEBF48FAD799B512B8581D07
Requests: 1 HTTP requests in this frame

Frame: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7E901BAD853FEC1496539DF44B528E85
Requests: 21 HTTP requests in this frame

Frame: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A7171BF6E493AA71D9B8BEE19ED83E52
Requests: 20 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUW5O213&prvid=99%2C77%2C20000%2C2033%2C294%2C241%2C101%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 25F1EDB525BB25377428776AE3AA107A
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUW5O213&prvid=99%2C77%2C20000%2C2033%2C294%2C241%2C101%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: C3866A8950630FB9965B0AC128FBF027
Requests: 3 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: 437370CBAD85E43CBF7FBF1490129B41
Requests: 2 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: FBEF1765D1AE8818DA3F79EF8EEFB1D7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1A7CAE1409D09F6A615F35735AC81AA5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6372DCFB345C118AD733B7A7DD747F89
Requests: 9 HTTP requests in this frame

Frame: https://cvision.media.net/new/140x110/2/177/57/52/8c63bb60-6d44-46f6-9dda-d82253be4c66.jpg?v=9
Frame ID: EF1B2F6956C8A753E7886E66786D9E5B
Requests: 9 HTTP requests in this frame

Frame: https://cvision.media.net/new/140x110/2/179/213/11/928f9f14-367c-4a0e-8123-4f38d742cf27.jpg?v=9
Frame ID: 45D6F54130D4655E49DF838B5E18EEFA
Requests: 9 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DE01C8F394521060D0F8934B3A188983
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E4538EF08CA6CC2181E2F584FACFE17C
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Frame ID: 0C87666E4E351BAB3EBEE38BAABC27B8
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BE662349CEF84CE8A8EADAE9E0D315CA
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

thetimestribune.com | Your Life. Your Paper.Article with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesLinkLinkLinkLinkLinkLinkLinkArticlesimagesVideosCommentedVideoVideoVideoVideoVideoImage galleryImage galleryImage galleryArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with images

Page URL History Show full URLs

  1. http://thetimestribune.com.admin-us2.cas.ms/ Page URL
  2. https://thetimestribune.com/ HTTP 301
    https://www.thetimestribune.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

797
Requests

80 %
HTTPS

23 %
IPv6

165
Domains

256
Subdomains

154
IPs

12
Countries

14343 kB
Transfer

26452 kB
Size

298
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thetimestribune.com.admin-us2.cas.ms/ Page URL
  2. https://thetimestribune.com/ HTTP 301
    https://www.thetimestribune.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.thetimestribune.com HTTP 301
  • https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.thetimestribune.com
Request Chain 169
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&dcc=t
Request Chain 195
  • https://idsync.rlcdn.com/398526.gif?partner_uid=null HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CL6pGBIPCgsIARCqdhoEbnVsbBAAGg0I1-vsnAYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=6f1bf7b78dc6038c072e7467ceb942f6fedd36fe2b978f0dede8bcc49aa74c2d791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6f1bf7b78dc6038c072e7467ceb942f6fedd36fe2b978f0dede8bcc49aa74c2d791426b5417dce21&rand=07895132 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=6f1bf7b78dc6038c072e7467ceb942f6fedd36fe2b978f0dede8bcc49aa74c2d791426b5417dce21&_pu HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=6f1bf7b78dc6038c072e7467ceb942f6fedd36fe2b978f0dede8bcc49aa74c2d791426b5417dce21&_pu&_expected_cookie=c0c5ab599a00f4401fc275e4ea5f4c4e
Request Chain 206
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=39610da3
Request Chain 207
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=EE7C2CD6447D4FB782121DE57AC7E703&ex=simpli.fi&status=ok
Request Chain 208
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=4b03b005-7935-4f69-8c20-44671a57d39c
Request Chain 209
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3141178480815869000V10
Request Chain 219
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=9b4861934ab161e&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHyc6i5UI1qwMd1-RjAAAAAAA&expiration=1671202648&is_secure=true
Request Chain 220
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 294
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1671116248243 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7338919184 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e063f1e7-594f-448d-9ec8-39652287366a HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
Request Chain 295
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=F0hhdPZHdKReb32SS-6T_Si-&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=25b0639b-35d8-4a00-967b-6b3a039ff7a4&gdpr=0&gdpr_consent=
Request Chain 296
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=bf366404-1d0c-476a-946f-44374452a18f
Request Chain 297
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RjBoaGRQWkhkS1JlYjMyU1MtNlRfU2kt&gdpr=0
Request Chain 298
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=969470210586592007
Request Chain 300
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=15 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-09b64d33-3e11-42bb-4df1-c19b61e24799$ip$5.181.234.158
Request Chain 301
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=57988376775515890
Request Chain 302
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=57988376775515890
Request Chain 303
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=Y5s12AAEM5AzzAAF
Request Chain 305
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=57988376775515890
Request Chain 306
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_b12a4661-ff14-46b6-9474-e45db24e9122&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_b12a4661-ff14-46b6-9474-e45db24e9122&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10594014441606866446&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dgumgum2%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=d1eed283-136f-4d2c-a332-987d17084c78&ssp=gumgum2&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10594014441606866446&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213510604366009389182&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594014441606866446&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
Request Chain 307
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-56331215-5e50-4dd4-72c9-48cf495869f6$ip$5.181.234.158
Request Chain 308
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_b12a4661-ff14-46b6-9474-e45db24e9122&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=GnCmVp3K2LR_Lyr0T6vr&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVDW4Q3NKZYDGSZSJRJF6TDZOIYFINTWOI HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVDW4Q3NKZYDGSZSJRJF6TDZOIYFINTWOI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=GnCmVp3K2LR_Lyr0T6vr
Request Chain 309
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1671116248245 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4681687459 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e063f1e7-594f-448d-9ec8-39652287366a HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
Request Chain 310
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=NMufRRKAvvUx&ev=1&pid=558355
Request Chain 311
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%288QaarZm_-QF50JSNoa4wJRw5KtdJZ4Ov0PYBNy01Mfj1zRh62Mnyn1lvyAs9FUSV%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%288QaarZm_-QF50JSNoa4wJRw5KtdJZ4Ov0PYBNy01Mfj1zRh62Mnyn1lvyAs9FUSV%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_b12a4661-ff14-46b6-9474-e45db24e9122&obuid=ENC(8QaarZm_-QF50JSNoa4wJRw5KtdJZ4Ov0PYBNy01Mfj1zRh62Mnyn1lvyAs9FUSV) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26obUid%3D8QaarZm_-QF50JSNoa4wJRw5KtdJZ4Ov0PYBNy01Mfj1zRh62Mnyn1lvyAs9FUSV%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=8QaarZm_-QF50JSNoa4wJRw5KtdJZ4Ov0PYBNy01Mfj1zRh62Mnyn1lvyAs9FUSV&uid=72b72d11-6f4c-0610-1618-86951cfa5c1f
Request Chain 312
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=359ba066-38b7-03ba-120c-c4d56c119a72
Request Chain 313
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-ZuS8tz9E2pdgGGstMz6wS1dQcvUNkeUWolMG~A
Request Chain 314
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=b01a49f8-8e86-477e-8aa4-15060e6da8b6
Request Chain 315
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=9A307D73CAD14ED89F8FE7E5256360AF
Request Chain 317
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=4b03b005-7935-4f69-8c20-44671a57d39c
Request Chain 318
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1743175450290086261
Request Chain 321
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-3598dYeMH9LTtopk_3At5NEMerxF1_87bLVOkpu5Og
Request Chain 323
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=e063f1e7-594f-448d-9ec8-39652287366a
Request Chain 324
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=bb6e639b-35d8-4700-b24f-66a0bc478f25&gdpr=&gdpr_consent=
Request Chain 325
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=Y5s12AAEM5AzzAAF HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y5s12AAEM5AzzAAF&gdpr=&gdpr_consent=&_test=Y5s12AAEM5AzzAAF
Request Chain 327
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=57988376775515890&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=57988376775515890brt56801671116248297150af
Request Chain 328
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5s12MCo5ssAAI3nxagAAAAA
Request Chain 329
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5s12O09IR-LnG.t1VrL1AAA%26145
Request Chain 330
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=t3Z2AE7y1EhbQ0RUc4Z5&pi=gumgum&tc=1
Request Chain 331
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 336
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252Fsync%252Fv1%253Fsource_id%253DuFFr5RFBYgoUJbWMAWGEZKS3%2526source_user_id%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjY1Q0M2MTctMUU1MC00NzBBLTk2QjUtNjU3MDU0QkFBOEY5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3D265CC617-1E50-470A-96B5-657054BAA8F9 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=265CC617-1E50-470A-96B5-657054BAA8F9
Request Chain 339
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LBP7GRR0-23-4BUC HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LBP7GRR0-23-4BUC&ex=d-rubiconproject.com&status=ok
Request Chain 345
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/BZEuIP20wfjwtrDVuIm0Zsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-rP5efzdE2oK3SkG9XPC3ynXR7TJU0DR89mRhjA--~A
Request Chain 346
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQN0dSUjAtMjMtNEJVQw==
Request Chain 347
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1KR1oYE3SMulU9764glcow&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1KR1oYE3SMulU9764glcow
Request Chain 348
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzY2NjM0ZWQwNTNlYTVlOWMxM2M3NTAzMjFjOWRhZDRkNTFkNjc3MQ
Request Chain 349
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e063f1e7-594f-448d-9ec8-39652287366a&gdpr=0&gdpr_consent=&expires=30
Request Chain 351
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO7JaJAOcDwzbSGJbOXzMq8&google_cver=1
Request Chain 352
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBP7GRR0-23-4BUC
Request Chain 360
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LBP7GRR0-23-4BUC HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LBP7GRR0-23-4BUC
Request Chain 362
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212056383526205
Request Chain 365
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5s12AAEM5AzzAAF&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/265CC617-1E50-470A-96B5-657054BAA8F9?gdpr=0&gdpr_consent=
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JlzGFx5QRwqWtWVwVLqo-Q%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 370
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=265CC617-1E50-470A-96B5-657054BAA8F9 HTTP 303
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=265CC617-1E50-470A-96B5-657054BAA8F9&_li_chk=true&previous_uuid=a75688e224f54542a14a03f313722534 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F75145%2F0%2Fd3ed9399030142a7953c3ce5eb2a0d8e%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&a75688e2-24f5-4542-a14a-03f313722534 HTTP 302
  • https://i.liadm.com/s/e/75145/0/d3ed9399030142a7953c3ce5eb2a0d8e?mpid=7156&muid=25b0639b-35d8-4a00-967b-6b3a039ff7a4
Request Chain 371
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=265CC617-1E50-470A-96B5-657054BAA8F9 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=265CC617-1E50-470A-96B5-657054BAA8F9 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d1eed283-136f-4d2c-a332-987d17084c78%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e063f1e7-594f-448d-9ec8-39652287366a&ttd_puid=d1eed283-136f-4d2c-a332-987d17084c78%2C
Request Chain 372
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHvoBui1QWjWSw-25zbfIKQ&google_cver=1
Request Chain 373
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:EE7C2CD6447D4FB782121DE57AC7E703
Request Chain 374
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3560567457612390603&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=265CC617-1E50-470A-96B5-657054BAA8F9&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-FeHPXtZE2uUO6DdIkCONxteiteAKnbw-~A&gdpr=0&gdpr_consent=
Request Chain 375
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e063f1e7-594f-448d-9ec8-39652287366a&gdpr=0&gdpr_consent=
Request Chain 376
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5s12O09IR-LnG.t1VrL1AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJIEes5Fjegdd7mdai2aZts&google_cver=1&google_hm=2
Request Chain 377
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHvhFPrNa6kwg8NvtLPoyeE&google_cver=1
Request Chain 379
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e063f1e7-594f-448d-9ec8-39652287366a&expiration=1673708249&gdpr=0&gdpr_consent=
Request Chain 380
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y5s12O09IR-LnG.t1VrL1AAA%26145 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=2758f9db-1344-4582-bf8a-b64f0a6d0533-tucta94bb59
Request Chain 381
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=087e220400fa0a38ee1fd5d2&expiration=[EXPIRATION]
Request Chain 382
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB
Request Chain 383
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686841049&external_user_id=cae6d776-fd5e-4c4d-a948-0aa0c085a0da
Request Chain 387
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=97607b70-dde5-0d8c-2a0e-54cb9ddafaec HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=97607b70-dde5-0d8c-2a0e-54cb9ddafaec
Request Chain 388
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=57988376775515890
Request Chain 390
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3560567457612390603&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 391
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5s12AAEM5AzzAAF
Request Chain 393
  • https://match.adsrvr.org/track/cmf/openx?oxid=c2a60416-10a2-3bec-7577-d438a4419b34&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e063f1e7-594f-448d-9ec8-39652287366a&ttd_puid=c2a60416-10a2-3bec-7577-d438a4419b34&gdpr=0&gdpr_consent=
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECI9OFGjn5IqFyVunUEi2tc&google_cver=1
Request Chain 433
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5s12O09IR-LnG.t1VrL1AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJIEes5Fjegdd7mdai2aZts&google_cver=1&google_hm=2
Request Chain 434
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e063f1e7-594f-448d-9ec8-39652287366a&expiration=1673708249&gdpr=0&gdpr_consent=
Request Chain 436
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHvhFPrNa6kwg8NvtLPoyeE&google_cver=1
Request Chain 437
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=67af2790-34b1-43a0-ae7e-7a74344429af&expiration=1702652249
Request Chain 438
  • https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=MWRlYmRjZWNkNThjNzU2NTM0ZjlkZmZmODgzMDA3ODU&expiration=1702652249
Request Chain 439
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=EE7C2CD6447D4FB782121DE57AC7E703
Request Chain 440
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAtHk7HNmwAACIa0xycww&expiration=1672325849
Request Chain 457
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOLi8Kq2x6w5sTSSO4l1tiA&google_cver=1&google_push=AavPq0OGT3iwkJ0iiHhTTIMgxWxujObqjCKTHea8E2o16g-nbsOLbQzaND6RNkj2JKUyFNCpTO2Rf5uDbGfyA7Z6Hohm7MnXw5rRE9i68me7jB-HKnpEeyccpY7Q6TQ7heDAGDhjDoFwYw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOLi8Kq2x6w5sTSSO4l1tiA&google_cver=1&google_push=AavPq0OGT3iwkJ0iiHhTTIMgxWxujObqjCKTHea8E2o16g-nbsOLbQzaND6RNkj2JKUyFNCpTO2Rf5uDbGfyA7Z6Hohm7MnXw5rRE9i68me7jB-HKnpEeyccpY7Q6TQ7heDAGDhjDoFwYw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZFJzdnU3b04xUDVQRlQ1&google_gid=CAESEOLi8Kq2x6w5sTSSO4l1tiA&google_cver=1&google_push=AavPq0OGT3iwkJ0iiHhTTIMgxWxujObqjCKTHea8E2o16g-nbsOLbQzaND6RNkj2JKUyFNCpTO2Rf5uDbGfyA7Z6Hohm7MnXw5rRE9i68me7jB-HKnpEeyccpY7Q6TQ7heDAGDhjDoFwYw
Request Chain 458
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECM2WzFJE6J9hH013IFxqBk&google_cver=1&google_push=AavPq0PoOab9ViQI4sO_dtyiRSI0AUCJHLhN1cQSbsZnIe52wRjM72_2T_KkJ8weWqupxo90dbsmu5lBhUcPT0DcOJQ5o5pZxrz9UDysUzPKshbF1Fsku1wjE5ME85nO8HH6nv6uCuru&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PoOab9ViQI4sO_dtyiRSI0AUCJHLhN1cQSbsZnIe52wRjM72_2T_KkJ8weWqupxo90dbsmu5lBhUcPT0DcOJQ5o5pZxrz9UDysUzPKshbF1Fsku1wjE5ME85nO8HH6nv6uCuru%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECM2WzFJE6J9hH013IFxqBk&google_cver=1&google_push=AavPq0PoOab9ViQI4sO_dtyiRSI0AUCJHLhN1cQSbsZnIe52wRjM72_2T_KkJ8weWqupxo90dbsmu5lBhUcPT0DcOJQ5o5pZxrz9UDysUzPKshbF1Fsku1wjE5ME85nO8HH6nv6uCuru&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PoOab9ViQI4sO_dtyiRSI0AUCJHLhN1cQSbsZnIe52wRjM72_2T_KkJ8weWqupxo90dbsmu5lBhUcPT0DcOJQ5o5pZxrz9UDysUzPKshbF1Fsku1wjE5ME85nO8HH6nv6uCuru%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 459
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHvhFPrNa6kwg8NvtLPoyeE&google_cver=1&google_push=AavPq0NFvqDmZW1nItRoygA9-aibSoyumPR-_PGoA-2hy6R9rkgeSmYVp1edyssQur_co15fnuDvGPhYBFZztJHXKmQ2mG8mmVZtcVzida4wEQAMxswomfVf4oOJN0sB4_z_vwpd9KNGKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHvhFPrNa6kwg8NvtLPoyeE&google_hm=Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB&google_nid=index&google_push=AavPq0NFvqDmZW1nItRoygA9-aibSoyumPR-_PGoA-2hy6R9rkgeSmYVp1edyssQur_co15fnuDvGPhYBFZztJHXKmQ2mG8mmVZtcVzida4wEQAMxswomfVf4oOJN0sB4_z_vwpd9KNGKA
Request Chain 460
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHCrBIq0rkUYDRMic--pOrg&google_cver=1&google_push=AavPq0MUKYkvikWJwMTRlE0MpjU7aCymw7pOgZz0XQoN7PmVskPg5XPtinAwh-RxUPyQUV9DBxlU_oejCiSn2WYsKiEvh202gqM5nY--ZhXYWDAOOCdYNwZZ34xQPum8TLVubNMBXewUJg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MUKYkvikWJwMTRlE0MpjU7aCymw7pOgZz0XQoN7PmVskPg5XPtinAwh-RxUPyQUV9DBxlU_oejCiSn2WYsKiEvh202gqM5nY--ZhXYWDAOOCdYNwZZ34xQPum8TLVubNMBXewUJg&google_hm=F0hhdPZHdKReb32SS-6T_Si-
Request Chain 461
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI5fTjtpb6EUGn-DNM4-QxM&google_cver=1&google_push=AavPq0MieqduXZsgdAm8h_Pet-Q_ETUkn63hNkj6Zr81UK7XA5ammHA2AWZUonP8NuvDzxzyhWsYJbmeaRXMF9KNl2VIOl34lwJUx88zRMHRI_y3bFcZzlNl5DGL7cDZzpBb6EUmQ8GjGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MieqduXZsgdAm8h_Pet-Q_ETUkn63hNkj6Zr81UK7XA5ammHA2AWZUonP8NuvDzxzyhWsYJbmeaRXMF9KNl2VIOl34lwJUx88zRMHRI_y3bFcZzlNl5DGL7cDZzpBb6EUmQ8GjGQ
Request Chain 462
  • https://cs.media.net/cksync?type=g&google_gid=CAESEB2um_zSTRaw_GqacBJ29K0&google_cver=1&google_push=AavPq0N9gSRjCswPB8HoYkHZ_4EbzP9BKizIWxg-Cm8zujpQPKkoKNTCHtUGMZY2MihKRLQnPwQrpNVyUlUW_cDGLg7wezY0feErh8jhnhqiasTov2Npl5ErWCguvBhwXR-GD1tS_yw86g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE0MTE3ODQ4MDgxNTg2OTAwMFYxMA%3d%3d&mn_hm=MzE0MTE3ODQ4MDgxNTg2OTAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0N9gSRjCswPB8HoYkHZ_4EbzP9BKizIWxg-Cm8zujpQPKkoKNTCHtUGMZY2MihKRLQnPwQrpNVyUlUW_cDGLg7wezY0feErh8jhnhqiasTov2Npl5ErWCguvBhwXR-GD1tS_yw86g&gdpr=&gdpr_consent=
Request Chain 463
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENVmAM6IOU53UUXkzyEtcJI&google_cver=1&google_push=AavPq0Net9PqafKQbBISOWmhfOq2x2ZlE1LUAxpr1YLD1wSuTOzUh75slnSzYNwk_Pny5LG6kJN6F8XSLrNtOXfLcHulzVLG9ufOX8DHGbTtBcQk2_aVgb45_4unfB2edj0nvV2Z2EbbSQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS10RjluVDg5RTJ1RzJscmNCdEZURVFmMGp6U2QxTDIwWH5B&google_push=AavPq0Net9PqafKQbBISOWmhfOq2x2ZlE1LUAxpr1YLD1wSuTOzUh75slnSzYNwk_Pny5LG6kJN6F8XSLrNtOXfLcHulzVLG9ufOX8DHGbTtBcQk2_aVgb45_4unfB2edj0nvV2Z2EbbSQ
Request Chain 468
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough HTTP 302
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS03YmUyMzhmNy0xMWQ3LTMwZDctYjY2MS02NTdiMGU2MmY5YjMQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtN2JlMjM4ZjctMTFkNy0zMGQ3LWI2NjEtNjU3YjBlNjJmOWIzMgEaOAE= HTTP 302
  • https://ssp.disqus.com/match?bidder=18&buyeruid=aa71b1b2-e906-461c-ba18-9e6b0f8e4978&r=Cid1YS03YmUyMzhmNy0xMWQ3LTMwZDctYjY2MS02NTdiMGU2MmY5YjMQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLmNvbS9zeW5jL3YxP3NvdXJjZV9pZD03cmtKQWhQQ1dYYnc5THE1ZFp4YzZUdk4mc291cmNlX3VzZXJfaWQ9dWEtN2JlMjM4ZjctMTFkNy0zMGQ3LWI2NjEtNjU3YjBlNjJmOWIzMgEaOAE= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-7be238f7-11d7-30d7-b661-657b0e62f9b3
Request Chain 473
  • https://ad.doubleclick.net/ddm/trackimp/N186801.147391VOX/B28862399.350179673;dc_trk_aid=544162767;dc_trk_cid=180856564;ord=93818784543;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N186801.147391VOX/B28862399.350179673;dc_pre=CL6V25Px-_sCFQINiAkd2pICJg;dc_trk_aid=544162767;dc_trk_cid=180856564;ord=93818784543;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
Request Chain 482
  • https://ad.doubleclick.net/ddm/trackimp/N186801.147391VOX/B28862399.350179673;dc_trk_aid=544162767;dc_trk_cid=180856564;ord=66363797483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N186801.147391VOX/B28862399.350179673;dc_pre=CIOp9JPx-_sCFWMCaAgdvGMOuw;dc_trk_aid=544162767;dc_trk_cid=180856564;ord=66363797483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
Request Chain 497
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=f51ddf47-697c-463c-9d5f-54653736d15a&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=sharethrough HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=969470210586592007&expires=30&ssp=sharethrough HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Request Chain 534
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=c210d892-2778-019d-37f1-283e2ed75adb HTTP 303
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=c210d892-2778-019d-37f1-283e2ed75adb&previous_uuid=04b6654fdcb34b9881ddaa46c553b791 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!{TURN_UUID} HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3560567457612390603 HTTP 303
  • https://i6.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3560567457612390603
Request Chain 538
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=dd2830f3-42d8-07a2-03e2-4f7940739505&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=Y5s122ZigEJqFWQC55-GhmWO
Request Chain 539
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=HfCOKrkkgsKTA5iPd1ihjg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 540
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=25b0639b-35d8-4a00-967b-6b3a039ff7a4
Request Chain 541
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=b01a49f8-8e86-477e-8aa4-15060e6da8b6
Request Chain 542
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=37c684cb-9798-4dd2-bc59-135fe6a7d8b4-639b35db-5553&gdpr=0&gdpr_consent=
Request Chain 556
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:25b0639b-35d8-4a00-967b-6b3a039ff7a4&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4b6b3c04-894f-45f2-bf0e-86dd76fa7320 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4b6b3c04-894f-45f2-bf0e-86dd76fa7320 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=abd394bb-3e4c-4e06-a4d4-d431ec606011&user_group=1&ssp=pubmatic&bsw_param=4b6b3c04-894f-45f2-bf0e-86dd76fa7320 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 557
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBdEhrN0hObXdBQUNJYTB4eWN3dw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAAtHk7HNmwAACIa0xycww&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAtHk7HNmwAACIa0xycww&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1743175450290086261&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAtHk7HNmwAACIa0xycww&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1743175450290086261%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1743175450290086261&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAAtHk7HNmwAACIa0xycww&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAtHk7HNmwAACIa0xycww&gdpr=0&gdpr_consent=
Request Chain 558
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=57988376775515890&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 560
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_cc8d6b8303884f4bae5cf HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=4b6b3c04-894f-45f2-bf0e-86dd76fa7320 HTTP 302
  • https://a.usbrowserspeed.com/cs?puid=f547bf67-3a8c-5584-ad26-31dc2e5fd110&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=d838a010-d969-4065-bd0a-9112066ae39c&expires=5&user_group=0&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 561
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OTI-2jw0Y40iYDTeN2Uq2W5iNYwiZT-AbmfA4llt HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=4b6b3c04-894f-45f2-bf0e-86dd76fa7320 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=bf366404-1d0c-476a-946f-44374452a18f&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 563
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent=&ct=y
Request Chain 564
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:265CC617-1E50-470A-96B5-657054BAA8F9 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=cd32fa20-7c88-11ed-be1a-12592cdca9e3&companyId=673&id=pubmatic_id:265CC617-1E50-470A-96B5-657054BAA8F9
Request Chain 566
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=265CC617-1E50-470A-96B5-657054BAA8F9&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=265CC617-1E50-470A-96B5-657054BAA8F9&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 567
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3b5af524dfd3161e&is_secure=true&networkId=17100&version=1&nuid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHyc6i5UI2ZANj__WaAAAAAAA&expiration=1671202651&nuid=265CC617-1E50-470A-96B5-657054BAA8F9&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=37c684cb-9798-4dd2-bc59-135fe6a7d8b4-639b35db-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 568
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b01a49f8-8e86-477e-8aa4-15060e6da8b6&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=4b6b3c04-894f-45f2-bf0e-86dd76fa7320 HTTP 302
  • https://a.usbrowserspeed.com/cs?puid=e0b0c194-9e2a-5f0b-a5fa-c80f075d4e26&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=d838a010-d969-4065-bd0a-9112066ae39c&expires=5&user_group=0&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 569
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_FAF05FF1_28747F0E&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 585
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=860871&iiqidtype=2&iiqpcid=d782e5ff-290e-4b35-8cac-6a4975bee983&iiqpciddate=1671116253287&tsrnd=304_1671116253291&vrref=https%3A%2F%2Fwww.thetimestribune.com%2F&jsver=5.09 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=860871&iiqidtype=2&iiqpcid=d782e5ff-290e-4b35-8cac-6a4975bee983&iiqpciddate=1671116253287&tsrnd=304_1671116253291&vrref=https%3A%2F%2Fwww.thetimestribune.com%2F&jsver=5.09&ckls=true&ci=yyTLPvnkxx&nc=false&trid=-1176918142 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D793790479%26rnd%3D-2027275527%26pcid%3D%23PMUID HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5409130810637765558 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 588
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=98&advUuid=3503e2a6-5ce4-031f-3112-421b4809d821 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1486637409&pcid=3503e2a6-5ce4-031f-3112-421b4809d821 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1486637409%26rnd%3D-2110918867%26pcid%3D%23PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=57988376775515890 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 593
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=sekindo&bidswitch_custom_parameter=4b6b3c04-894f-45f2-bf0e-86dd76fa7320 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=3c33dfd7e7833733278b7135b485babe&expires=30&ssp=sekindo&bsw_param=4b6b3c04-894f-45f2-bf0e-86dd76fa7320 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=4b6b3c04-894f-45f2-bf0e-86dd76fa7320 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=4b6b3c04-894f-45f2-bf0e-86dd76fa7320 HTTP 302
  • https://ads.yieldmo.com/pbsync?redirectUri=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1868283820%26mi%3D10%26csh%3D1486637409%3B1028935272%3B1881119486%3B1267919208%26rnd%3D945981094%26pcid%3D%24UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1868283820&mi=10&csh=1486637409;1028935272;1881119486;1267919208&rnd=945981094&pcid=g6e10c61c5d3cd7fa7ab HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1881119486%26mi%3D10%26csh%3D1486637409%3B1028935272%3B1881119486%3B1267919208%3B1868283820%26rnd%3D-1329606455%26pcid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1881119486&mi=10&csh=1486637409;1028935272;1881119486;1267919208;1868283820&rnd=-1329606455&pcid=[sas_uid]&cklb=1
Request Chain 594
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=31c230f3-bd61-4ba6-afa9-5f9d1e056e92&gdpr_consent=null&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=417208643&pcid=31c230f3-bd61-4ba6-afa9-5f9d1e056e92 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D417208643%26rnd%3D1288788270%26pcid%3D%23PMUID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=584182936&rnd=2043648548&pcid=265CC617-1E50-470A-96B5-657054BAA8F9 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D584182936%3B1402230080%26rnd%3D-783937336&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=584182936;1402230080&rnd=-783937336&pcid=57988376775515890 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D584182936%3B1402230080%3B1709765917%26rnd%3D1997172699%26pcid%3D$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=584182936;1402230080;1709765917&rnd=1997172699&pcid=2942926129357839341305 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D584182936%3B1402230080%3B1709765917%3B259151345%26rnd%3D1982953980%26pcid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
Request Chain 595
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=2942926129357839341305 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=2942926129357839341305 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D259151345%26rnd%3D-490341374%26pcid%3D%23PMUID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=1881119486&rnd=1027927471&pcid=265CC617-1E50-470A-96B5-657054BAA8F9 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1881119486%3B1402230080%26rnd%3D954020271&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1881119486;1402230080&rnd=954020271&pcid=57988376775515890 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D1881119486%3B1402230080%3B1709765917%26rnd%3D424257993%26pcid%3D$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=1881119486;1402230080;1709765917&rnd=424257993&pcid=2942926129357839341305 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D1881119486%3B1402230080%3B1709765917%3B259151345%26rnd%3D1907311398%26pcid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
Request Chain 596
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC HTTP 302
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D1486637409%3B1725065545%26rnd%3D-528095315%26pcid%3D HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=1486637409;1725065545&rnd=-528095315&pcid=3503e2a6-5ce4-031f-3112-421b4809d821 HTTP 302
  • https://ce.lijit.com/merge?pid=8101&3pid=yyTLPvnkxx&location=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D1486637409%3B1725065545%3B1486637409%26rnd%3D1397525637%26pcid%3D%5BSOVRNID%5D HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=1486637409;1725065545;1486637409&rnd=1397525637&pcid=F0hhdPZHdKReb32SS-6T_Si- HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D1486637409%3B1725065545%3B1486637409%3B396218182%26rnd%3D-1159153639%26pcid=[MM_UUID] HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=1486637409;1725065545;1486637409;396218182&rnd=-1159153639&pcid=25b0639b-35d8-4a00-967b-6b3a039ff7a4 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=yyTLPvnkxx&expires=1825&rnd=-34220488
Request Chain 597
  • https://ups.analytics.yahoo.com/ups/58627/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-sCm.LQ9E2uEDMpyfCjOCILBbgv9C7lWZVxk81Pg-~A&gdpr=0&gdpr_consent= HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1028935272&pcid=y-sCm.LQ9E2uEDMpyfCjOCILBbgv9C7lWZVxk81Pg-~A HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1028935272%26rnd%3D-1187994000%26pcid%3D%23PMUID HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=793790479&rnd=-2027275527&pcid=265CC617-1E50-470A-96B5-657054BAA8F9 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D793790479%3B1402230080%26rnd%3D1790084283&pcid=$UID HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=793790479;1402230080&rnd=1790084283&pcid=57988376775515890 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D793790479%3B1402230080%3B1709765917%26rnd%3D-71075010%26pcid%3D$UID HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=793790479;1402230080;1709765917&rnd=-71075010&pcid=2942926129357839341305 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D793790479%3B1402230080%3B1709765917%3B259151345%26rnd%3D1924834470%26pcid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
Request Chain 598
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=1f5c9e9dbadc410db7d921ff458aac78 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=584182936&pcid=1f5c9e9dbadc410db7d921ff458aac78 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D584182936%26rnd%3D2043648548%26pcid%3D%23PMUID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=584182936&rnd=2043648548&pcid=265CC617-1E50-470A-96B5-657054BAA8F9 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D584182936%3B1402230080%26rnd%3D2140967129&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=584182936;1402230080&rnd=2140967129&pcid=57988376775515890 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D584182936%3B1402230080%3B1709765917%26rnd%3D-458996183%26pcid%3D$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=584182936;1402230080;1709765917&rnd=-458996183&pcid=2942926129357839341305 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D584182936%3B1402230080%3B1709765917%3B259151345%26rnd%3D-256154339%26pcid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
Request Chain 599
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=639b35db96a06&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3141178480815869000V10 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1723987475&pcid=3141178480815869000V10 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1723987475%26rnd%3D-977682227%26pcid%3D%23PMUID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=1723987475&rnd=-977682227&pcid=265CC617-1E50-470A-96B5-657054BAA8F9 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1723987475%3B1402230080%26rnd%3D1685205561&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1723987475;1402230080&rnd=1685205561&pcid=57988376775515890 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D1723987475%3B1402230080%3B1709765917%26rnd%3D-719743317%26pcid%3D$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=1723987475;1402230080;1709765917&rnd=-719743317&pcid=2942926129357839341305 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D1723987475%3B1402230080%3B1709765917%3B259151345%26rnd%3D1289596333%26pcid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
Request Chain 600
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=F0hhdPZHdKReb32SS-6T_Si- HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=396218182&pcid=F0hhdPZHdKReb32SS-6T_Si- HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D396218182%26rnd%3D-1914034692%26pcid%3D%23PMUID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=1881119486&rnd=1027927471&pcid=265CC617-1E50-470A-96B5-657054BAA8F9 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1881119486%3B1402230080%26rnd%3D659564163&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1881119486;1402230080&rnd=659564163&pcid=57988376775515890 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D1881119486%3B1402230080%3B1709765917%26rnd%3D50781354%26pcid%3D$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=1881119486;1402230080;1709765917&rnd=50781354&pcid=2942926129357839341305 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D1881119486%3B1402230080%3B1709765917%3B259151345%26rnd%3D-1121591573%26pcid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
Request Chain 601
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent= HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=76d8f143af3ded831539de168e22cc3&gdpr_consent=&gdpr=0 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=484859127&pcid=76d8f143af3ded831539de168e22cc3 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D484859127%26rnd%3D-1483410478%26pcid%3D%23PMUID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=484859127&rnd=-1483410478&pcid=265CC617-1E50-470A-96B5-657054BAA8F9 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D484859127%3B1402230080%26rnd%3D554602005&pcid=$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=484859127;1402230080&rnd=554602005&pcid=57988376775515890 HTTP 302
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D484859127%3B1402230080%3B1709765917%26rnd%3D-1312692516%26pcid%3D$UID HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=484859127;1402230080;1709765917&rnd=-1312692516&pcid=2942926129357839341305 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D484859127%3B1402230080%3B1709765917%3B259151345%26rnd%3D1797689983%26pcid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
Request Chain 607
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=1743175450290086261&gdpr=0&gdpr_consent= HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1881119486&pcid=1743175450290086261 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1881119486%26rnd%3D1027927471%26pcid%3D%23PMUID HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3cc5cf72-b829-4d03-9408-52e30bfd5679&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 608
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y5s12AAEM5AzzAAF&gdpr=0&gdpr_consent=
Request Chain 610
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=39610da3
Request Chain 611
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=57988376775515890&gdpr=0&gdpr_consent=
Request Chain 625
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D194%2Ftp%3DOPNX%2Ftpid%3D%7BOPENX_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=d0d0d905-2a5c-0daa-133d-27c337e79410/gdpr=0
Request Chain 630
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=thetimestribune.com&sn=ChromeSyncframe&so=0&topUrl=www.thetimestribune.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=vo5QxHxrQnN1SkhyWC9wWWJuYVFnWFZMWCt5T25COEJzMldTZk1MdDNodnNNRFI0bDZOYVd1RHpsUC9FNkhKS0xaWDdpLzlsL29JUjlxOVlEMkttWWxZNWNpS1N2bDNFdy81RDJDdHFkUFZKbUtpU1dJc2I5ZjYxRVRzV1BEUXFubk5yTWR6cWVwYnBuZmNQK1RXRW5xaGxPVWVwdXR3UEVHUitjTklCeHZ3eW9sczBzTndCTUt0QnB2djM0ZlN4b0ZRL2ZtcE9BM0lqQitpNjgxYjE3RFpmd3FiOHZIcEV2eWZMYkVpQnJwNjU0K0N2bm9zcHdnYk4rNXg2NzJLWlJDVVZ4TVh6aU8vVzVhSUlyem12L25ENkc0aU9mZy9RbkRtRitzbjJZK2hJcGNjaz18&cppv=2
Request Chain 644
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=76d8f143af3ded831539de168e22cc3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=eb83c_7177389663039230538&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzZkOGYxNDNhZjNkZWQ4MzE1MzlkZTE2OGUyMmNjMw==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBtnd237ch4ESTbDzRj_wok&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=e063f1e7-594f-448d-9ec8-39652287366a&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzZkOGYxNDNhZjNkZWQ4MzE1MzlkZTE2OGUyMmNjMw==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBtnd237ch4ESTbDzRj_wok&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/76d8f143af3ded831539de168e22cc3?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-AQ5czd9E2oPisvZ1REJOH6mMBmOLF23ZcQDqqRZZ~A HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAAtHk7HNmwAACIa0xycww&gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=57988376775515890&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=5409130810637765558 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=dRsvu7oN1P5PFT5 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Y5s12AAEM5AzzAAF
Request Chain 648
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=cf3aa7c8-7c88-11ed-94d0-f3ed58af13a7
Request Chain 649
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CbZNMz4RQrtN8cGbYeJHmQW16p4
Request Chain 651
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720581416291
Request Chain 652
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:dRsvu7oN1P5PFT5&gdpr=0&gdpr_consent=
Request Chain 653
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005&rndcb=8030866873 HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=adconductor&bsw_user_id=4b6b3c04-894f-45f2-bf0e-86dd76fa7320 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=adconductor&bsw_user_id=4b6b3c04-894f-45f2-bf0e-86dd76fa7320 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=522395ca-9b5e-49f4-a60b-669fd316d3b6&expires=3&user_group=1&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/4b6b3c04-894f-45f2-bf0e-86dd76fa7320?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
Request Chain 654
  • https://ad.mrtnsvr.com/sync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=WBfL1WEtM
Request Chain 655
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 656
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=67af2790-34b1-43a0-ae7e-7a74344429af&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=265CC617-1E50-470A-96B5-657054BAA8F9
Request Chain 657
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7244026551091621944&uid=Q7244026551091621944&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7244026551091621944
Request Chain 658
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Rvrk3ly2BoyD3v9R3zWbYw
Request Chain 662
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=ef49c071-ee6f-4a0a-8886-7fe35fb74c81
Request Chain 663
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EE7C2CD6447D4FB782121DE57AC7E703&gdpr=0&gdpr_consent=
Request Chain 664
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=265CC617-1E50-470A-96B5-657054BAA8F9&addseg=10,33,39
Request Chain 665
  • https://pixel.onaudience.com/?partner=214&mapped=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=4d14a7dc6527cd26/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=6fc5a047b67526847e00bb9c357909b5&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=4d14a7dc6527cd26 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a977485-48c0-4047-68a6-3f6497f14b2d&reqId=13f7a275-edd4-4291-62ec-edf533406f03&zcluid=4d14a7dc6527cd26&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEBxLDgUDjJBKjA4lgTRE3Pc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a977485-48c0-4047-68a6-3f6497f14b2d&reqId=13f7a275-edd4-4291-62ec-edf533406f03&zcluid=4d14a7dc6527cd26&zdid=1332
Request Chain 666
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=25b0639b-35d8-4a00-967b-6b3a039ff7a4
Request Chain 731
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e063f1e7-594f-448d-9ec8-39652287366a
Request Chain 732
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dloop%26ovsid%3D%7Bviewer_token%7Dhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D6%26vsid%3D3141178480815869000V10%26type%3Dloop%26refUrl%3D%26vid%3D11162592863141178480815869000V10%26ovsid%3D HTTP 307
  • https://contextual.media.net/cksync.php?cs=1&type=loop&ovsid=f3236bde-a08a-44fa-8735-00cbfaa6676chttps://contextual.media.net/cksync.php?cs=6&vsid=3141178480815869000V10&type=loop&refUrl=&vid=11162592863141178480815869000V10&ovsid=&gdpr_consent=${GDPR_CONSENT_109}&gdpr=0
Request Chain 735
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e063f1e7-594f-448d-9ec8-39652287366a
Request Chain 736
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dloop%26ovsid%3D%7Bviewer_token%7Dhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D6%26vsid%3D3141178480815869000V10%26type%3Dloop%26refUrl%3D%26vid%3D11162593323141178480815869000V10%26ovsid%3D HTTP 307
  • https://contextual.media.net/cksync.php?cs=1&type=loop&ovsid=30b7bc9e-c93d-483d-ad0b-8f9ef6ede929https://contextual.media.net/cksync.php?cs=6&vsid=3141178480815869000V10&type=loop&refUrl=&vid=11162593323141178480815869000V10&ovsid=&gdpr_consent=${GDPR_CONSENT_109}&gdpr=0
Request Chain 748
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOgYKL277LHzKtyM5K7sAmA&google_cver=1&google_push=AavPq0OxhpDos-CM5QA7WuScH_Z9q4C6_DCy5JHKqomJxCMCcdZOP_pEvF3BjP_zSXSSaFbq4AViuCWRgqQu2CMfm3IBJ_INNKvD9cuHKSifgXybOa8BUV07E0loL8XICjk_Y9e4EhYPDRO7QA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzU2MDU2NzQ1NzYxMjM5MDYwMw==&gdpr=0&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEOgYKL277LHzKtyM5K7sAmA&google_cver=1
Request Chain 749
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEK_-ASEegbK6jlCT9UrMuI8&google_cver=1&google_push=AavPq0PAjlx40gj1K0RF2AjSsC3EngC-NdLEOp3oE8NIdPHpm7YdSm2aZtGByIXwQNTZlD0r-SCmPvx79uBO75fM_keMacW6HeqsIo3-KtDzY8biazyV0rPk_iWuaBJt5rRE1gSb3Eira4Lgfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=N8aEy5eYTdK8WRNf5qfYtGObNds
Request Chain 750
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOkcg7MpbOwm_CYGl3GA520&google_cver=1&google_push=AavPq0PYhCa97KVsng9WPRDMTi6vVTidCOEsUlYf2UrhjVuYrr7CfKxo6I0V42ZhUmmF1P7thUG6l9Ez3TAH5emJp_6Y1TFw-2ZtD9CW66z3x8iQArb9mFs4qfW5A76vugFqEy2wiRu1psGQBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQN0dSUjAtMjMtNEJVQw==&google_push=AavPq0PYhCa97KVsng9WPRDMTi6vVTidCOEsUlYf2UrhjVuYrr7CfKxo6I0V42ZhUmmF1P7thUG6l9Ez3TAH5emJp_6Y1TFw-2ZtD9CW66z3x8iQArb9mFs4qfW5A76vugFqEy2wiRu1psGQBA
Request Chain 751
  • https://match.360yield.com/match/ebda?google_gid=CAESEHJFlxJgAxrIqU1g99eCXvA&google_cver=1&google_push=AavPq0OK2PQ5tFfnCQFgtgmO1Tyq4TwKHeR4MdusOW645w2CMF9UmP_QijQfjl81vfalllSYqEF0PIZuqa4dbwOgqyye0pPBL8E_YuUmAzTVLSBzuhk4XzJjVhlgKgxeR9EFek6Q0OGZ1KJZgQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=SwOwBXk1T2mMIERnGlfTnA&google_push=AavPq0OK2PQ5tFfnCQFgtgmO1Tyq4TwKHeR4MdusOW645w2CMF9UmP_QijQfjl81vfalllSYqEF0PIZuqa4dbwOgqyye0pPBL8E_YuUmAzTVLSBzuhk4XzJjVhlgKgxeR9EFek6Q0OGZ1KJZgQ
Request Chain 752
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESECKw82GAbjtPBQTIhFz6kXI&google_cver=1&google_push=AavPq0NZaNKhr1O6NFMxq1OOfZEqLEVTgPTVoOFr499UlYOuWtFjDkFoZxev8TgZtbIvjYkI_s6xqO_BAsZGMBCCQq4oxDit6jX9q9OaRltIaw2iYM1666u0zJFxjUlDykUxBS7yOZKHmbUt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0NZaNKhr1O6NFMxq1OOfZEqLEVTgPTVoOFr499UlYOuWtFjDkFoZxev8TgZtbIvjYkI_s6xqO_BAsZGMBCCQq4oxDit6jX9q9OaRltIaw2iYM1666u0zJFxjUlDykUxBS7yOZKHmbUt&google_hm=WTVzMTJNQ281c3NBQUkzbnhhZ0FBQUFB
Request Chain 753
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEC5tOzuda_Ysvqz46yJVFBM&google_cver=1&google_push=AavPq0NJ3TqC-xcIx3apkc-Tr36y0_7Tymf0Qi7vWxT31mnPemzTNweK2TypFP8Lo0BuuufaliEUydlIcWofT-deaB6Sz-oQrgC8K5sVG0JA5_MyTe4OAz2EPbkL00MkBsUFX2fUZy3IiTgwxg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0NJ3TqC-xcIx3apkc-Tr36y0_7Tymf0Qi7vWxT31mnPemzTNweK2TypFP8Lo0BuuufaliEUydlIcWofT-deaB6Sz-oQrgC8K5sVG0JA5_MyTe4OAz2EPbkL00MkBsUFX2fUZy3IiTgwxg&google_hm=cc407a3660b54702de1c1bc3b50ecdcb
Request Chain 754
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEF9EKeAEOOPlXAKJKsjRXi4&google_cver=1&google_push=AavPq0PHH8LJSs6VwLTHw5KlEXCmQTuGvkCk1IuZZGBICaqadVJQccHgpEs8PM2xthXTlLzhWWJ871xLk4k5ANKOXdr_CicQ9RDlumBIPPCyh3RjWRvc9mTNHSn8HZT776u6fvfyTalQt8GAfnE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=vzZkBB0MR2qUb0Q3RFKhjw==&no_redirect=1&google_push=AavPq0PHH8LJSs6VwLTHw5KlEXCmQTuGvkCk1IuZZGBICaqadVJQccHgpEs8PM2xthXTlLzhWWJ871xLk4k5ANKOXdr_CicQ9RDlumBIPPCyh3RjWRvc9mTNHSn8HZT776u6fvfyTalQt8GAfnE
Request Chain 764
  • https://px.owneriq.net/ecmg?google_gid=CAESEJosleSftep9DQN0QDhc2K8&google_cver=1&google_push=AavPq0OZ7RPOd3LeE-UkIYg3h_hjBGgGCdqyZZfaHSpqgn68Y0J0z5WP9MNmkhkPeMoFYmFdIpAppJT6hBtwISoDaWbKBUCmlFNp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AavPq0OZ7RPOd3LeE-UkIYg3h_hjBGgGCdqyZZfaHSpqgn68Y0J0z5WP9MNmkhkPeMoFYmFdIpAppJT6hBtwISoDaWbKBUCmlFNp&google_cver=1&google_gid=CAESEJosleSftep9DQN0QDhc2K8&google_hm=UTcyNDQwMjY1NTEwOTE2MjE5NDRQ
Request Chain 766
  • https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEIqFtQryKZ8OfB-cdHgWev0&google_cver=1&google_push=AavPq0MRFJNAe54J-sqgPkHMkBy4mnesV0bFuwfHDjjkxP9ZW700dsBf78EG5lNuloNu-kPQCXrhTNifYUFKRlTmZJE_gU910lzX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adtheorent&google_hm=zTAT8XyIEe2SwRIIF0Y8jw&google_push=AavPq0MRFJNAe54J-sqgPkHMkBy4mnesV0bFuwfHDjjkxP9ZW700dsBf78EG5lNuloNu-kPQCXrhTNifYUFKRlTmZJE_gU910lzX&google_redir=https%3A%2F%2Frtb.adentifi.com%2FCookieSyncAdXCheck&google_ula=6802874232
Request Chain 767
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ_1qR3nVUiEh7Gv4mJTgcA&google_cver=1&google_push=AavPq0NnIQuFFTYVoE98cFChIbsxmynta9SXrCCptx-yz9JdTmD7Odz2xsYWwz1BouGmjSlwihTmmizvOn3FEnwJkksxpNj3ivI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwOTEzMDgxMDYzNzc2NTU1OA&google_push=AavPq0NnIQuFFTYVoE98cFChIbsxmynta9SXrCCptx-yz9JdTmD7Odz2xsYWwz1BouGmjSlwihTmmizvOn3FEnwJkksxpNj3ivI
Request Chain 768
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESENV_ln7JrvMhxgwCuIH6AHc&c_param1=AavPq0N1xkA9ii5dQent-LYdDNkDvIjzsH0mHU48evVuoR9SrAyLS3xQK6q3aliRJcsZXaHX-nUpYTSUMbKY_2qzrCp5-DJwdMKD&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0N1xkA9ii5dQent-LYdDNkDvIjzsH0mHU48evVuoR9SrAyLS3xQK6q3aliRJcsZXaHX-nUpYTSUMbKY_2qzrCp5-DJwdMKD
Request Chain 769
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEZKahQGOaiUA7Cu4BQrADA&google_cver=1&google_push=AavPq0NXbS_K3y5U8ukv6pasEg2OZR8fUkqP40wQ20NFGPjVK-cBrmtvtAEa0UbHo9fso8_aWGYlIR8sMTNtltvEnKVOmIbu-BHm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AavPq0NXbS_K3y5U8ukv6pasEg2OZR8fUkqP40wQ20NFGPjVK-cBrmtvtAEa0UbHo9fso8_aWGYlIR8sMTNtltvEnKVOmIbu-BHm&google_hm=MTc0MzE3NTQ1MDI5MDA4NjI2MQ%3D%3D
Request Chain 770
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDq45TNFBH__LLNFyBNW5yc&google_cver=1&google_push=AavPq0PUf7q9dyoB5uSKeqzzOGd8Af1B33g3Yb4JWfWbeIFr00cXZ_mq_SKFkJHUepGBjMQso3A7FEqTSwTLoXXCsJkCSpuAOlxa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZGQyZWM5MGQtNzZjMy00NDRjLWEyMGQtMGE3OTIzZGIyOTI1&google_push=AavPq0PUf7q9dyoB5uSKeqzzOGd8Af1B33g3Yb4JWfWbeIFr00cXZ_mq_SKFkJHUepGBjMQso3A7FEqTSwTLoXXCsJkCSpuAOlxa HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 783
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAtHk7HNmwAACIa0xycww
Request Chain 785
  • https://oxp.mxptint.net/OpenX.ashx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1B330_FAF05FF1_28747F0E
Request Chain 787
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=dRsvu7oN1P5PFT5
Request Chain 788
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5409130810637765558
Request Chain 789
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xqrwscOsrebd-Pq1yP3kspH6--fd_fHrkf-FKKfa
Request Chain 790
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dopenx%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=openx&user_id=3yLTxH4SS3iz7MkrU8x80 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=
Request Chain 791
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=969470210586592007
Request Chain 792
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=EE7C2CD6447D4FB782121DE57AC7E703
Request Chain 795
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=57988376775515890
Request Chain 797
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3560567457612390603
Request Chain 798
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=25b0639b-35d8-4a00-967b-6b3a039ff7a4
Request Chain 799
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB
Request Chain 800
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D%28OIQ_UUID%29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7244026551091621944P
Request Chain 801
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030002_639b35e419a87&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030002_639b35e419a87
Request Chain 802
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5s12O09IR-LnG.t1VrL1AAA%26145?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y5s12O09IR-LnG.t1VrL1AAA%26145

797 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
thetimestribune.com.admin-us2.cas.ms/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://thetimestribune.com.admin-us2.cas.ms/
Protocol
HTTP/1.1
Server
52.151.238.5 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
openresty /
Resource Hash
3da915c06275e9dbbd3ed95f532bd07a8cb66f189e41cdcc8bab1bcb25007da4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 14:57:23 GMT
Expires
Mon, 01-Jan-1990 00:00:00 GMT
Pragma
no-cache
Server
openresty
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
X-MCAS-Cache-Status
MISS
X-MCAS-Processing-Time
2
X-MCAS-Request-Id
712111b5897696cd7ef45532a7db9490
X-MCAS-Upstream-Time
n/a
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.25.27/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.25.27/js/session-context-store-helper.min.js
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:76f8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f7add0638c6207d7a84267735b9eed3fee3a68696e3ec755fafd5283db0b8f3

Request headers

accept-language
en-US,en;q=0.9
Referer
http://thetimestribune.com.admin-us2.cas.ms/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 14:57:23 GMT
last-modified
Mon, 28 Nov 2022 12:42:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
Dor7jY9XuhzpOAkbPbiHoQ==
etag
0x8DAD13DF423BC93
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ae5cc9b8-301e-002d-6ea8-071d14000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=30554728
x-ms-version
2009-09-19
content-length
4832
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.25.27/html/ Frame A10C 		209 B
660 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.25.27/html/session-context-restore.html
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.25.27/js/session-context-store-helper.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:76f8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer
http://thetimestribune.com.admin-us2.cas.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=30554754
content-length
209
content-md5
xcQ/+x+i42xZPwR88wJc4A==
content-type
text/html
date
Thu, 15 Dec 2022 14:57:23 GMT
etag
0x8DAD13DF3C8D8BE
last-modified
Mon, 28 Nov 2022 12:42:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
c8a7692b-001e-000a-3ba8-075d29000000
x-ms-version
2009-09-19
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.25.27/js/ Frame A10C 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcasproxy.azureedge.net/proxyweb/1.25.27/js/session-context-restore.min.js
Requested by
Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.25.27/html/session-context-restore.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:76f8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mcasproxy.azureedge.net/proxyweb/1.25.27/html/session-context-restore.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 14:57:23 GMT
last-modified
Mon, 28 Nov 2022 12:42:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
XAreP5js/x2mOMwXICadTg==
etag
0x8DAD13DF3F3B2FC
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ae5cca42-301e-002d-61a8-071d14000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=30554674
x-ms-version
2009-09-19
content-length
38765
Primary Request /
www.thetimestribune.com/
Redirect Chain
  • https://thetimestribune.com/?
  • https://www.thetimestribune.com/
520 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
0640f2d5792dc8a52b8439d3da1fc691a908b05399cb73c8d7b5ce5cb8a04305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://thetimestribune.com.admin-us2.cas.ms/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
323
cache-control
public, max-age=10
content-encoding
gzip
content-length
77013
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 14:52:00 GMT
etag
W/de6f6bdf088508ae458dd8d498acb0cb
last-modified
Thu, 15 Dec 2022 14:51:59 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.7b5fd2a1aa906214ae39b25cd6ec9283.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.ef1ae2cf9d9803199a19b009dc464018.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy
strict-origin-when-cross-origin
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.65.3; app16; 0.98s; 8.4M
x-ua-compatible
IE=edge
x-vcache
HIT
x-xrds-location
https://www.thetimestribune.com/tncms/xrds/
x-xss-protection
1; mode=block

Redirect headers

age
0
cache-control
public, max-age=300
content-encoding
gzip
content-length
1771
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 14:57:23 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
location
https://www.thetimestribune.com/
referrer-policy
strict-origin-when-cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.65.3; app11; 0.02s; 1.3M
x-vcache
MISS
x-xrds-location
https://www.thetimestribune.com/tncms/xrds/
x-xss-protection
1; mode=block
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
30872036
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
x-vcache
HIT
server
cloudflare
etag
W/"60e609f2-1882c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dbb388c99-EWR
expires
Wed, 31 Aug 2022 19:01:55 GMT
user.js
www.thetimestribune.com/shared-content/art/tncms/user/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thetimestribune.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:56:23 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 19:27:45 GMT
x-vcache
HIT
age
60
etag
W/"63890031-2f01"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
4332
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
30872036
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dbb378c99-EWR
expires
Wed, 25 May 2022 07:12:12 GMT
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
30872036
last-modified
Mon, 20 Dec 2021 18:25:31 GMT
x-vcache
MISS
server
cloudflare
etag
W/"61c0ca9b-8154"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dbb338c99-EWR
expires
Fri, 23 Dec 2022 07:23:28 GMT
tnt.7b5fd2a1aa906214ae39b25cd6ec9283.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.7b5fd2a1aa906214ae39b25cd6ec9283.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc9b9e9735d3620722247b3e0e02d8dc432a252acbade9af3a81146feefb7085
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1919133
cross-origin-resource-policy
cross-origin
last-modified
Tue, 13 Sep 2022 18:22:38 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6320ca6e-5800"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dbb358c99-EWR
expires
Wed, 11 Oct 2023 19:01:25 GMT
application.ef1ae2cf9d9803199a19b009dc464018.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.ef1ae2cf9d9803199a19b009dc464018.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae6c4eb375a9a08f2c21183d6857943c7762e78c45c185670d4a5cc17fabfb57
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3786021
cross-origin-resource-policy
cross-origin
last-modified
Thu, 27 Oct 2022 20:59:04 GMT
x-vcache
MISS
server
cloudflare
etag
W/"635af118-114a"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dbb368c99-EWR
expires
Wed, 01 Nov 2023 19:01:20 GMT
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
16387534
last-modified
Tue, 06 Jul 2021 13:05:12 GMT
x-vcache
HIT
server
cloudflare
etag
W/"60e45508-9ae"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dbb348c99-EWR
expires
Wed, 06 Jul 2022 19:02:46 GMT
bootstrap.min.d655407c2beee1a5e5788ed5c20be9d9.css
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.d655407c2beee1a5e5788ed5c20be9d9.css
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6065cc42cf9789426f27a40563bc5c313b5ed33a7bc384c3ffaa0d047eb93ff2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1363724
cross-origin-resource-policy
cross-origin
last-modified
Mon, 21 Nov 2022 16:28:46 GMT
x-vcache
HIT
server
cloudflare
etag
W/"637ba73e-1ac24"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dab138c99-EWR
expires
Wed, 29 Nov 2023 20:01:40 GMT
font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/font-awesome.min.e5604f5bf47d3b8b5552d999180549d2.css
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da86bd7152e642596635cc8a1dff6472589807b284a613c544dfdf5f8eea0490
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
237745
last-modified
Tue, 10 May 2022 15:14:09 GMT
x-vcache
MISS
server
cloudflare
etag
W/"627a8141-7257"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dab148c99-EWR
expires
Thu, 25 May 2023 07:47:01 GMT
layout.96c1f8e83067984298cdd09c5b707c89.css
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		156 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.96c1f8e83067984298cdd09c5b707c89.css
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b282e040bcc537c8512e04bd12836aea4bd7ddf4948c560f57f5501726ac3554
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
152167
cross-origin-resource-policy
cross-origin
last-modified
Thu, 08 Dec 2022 13:56:18 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6391ed02-26f8a"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dab188c99-EWR
expires
Wed, 13 Dec 2023 20:02:27 GMT
theme-basic.2b5a4d89fc575570b338c0d3cf85935a.css
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.2b5a4d89fc575570b338c0d3cf85935a.css
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab32dd751409fe5f15dbd24ca6468769904165f041b6c52ab01a48f6109d0332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
152167
cross-origin-resource-policy
cross-origin
last-modified
Thu, 08 Dec 2022 13:56:33 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6391ed11-a49e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dab1b8c99-EWR
expires
Wed, 13 Dec 2023 20:02:27 GMT
site.css
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/live/global/resources/styles/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/live/global/resources/styles/site.css?_dc=1503086022
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d820f07de3581d48a6d0abc35ec099dc89baa01ab930c8962288566f98c06ae1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3003435
last-modified
Fri, 18 Aug 2017 19:53:42 GMT
x-vcache
MISS
server
cloudflare
etag
W/"599745c6-1727"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dab1c8c99-EWR
expires
Sun, 23 Apr 2023 12:47:22 GMT
flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		1 KB
732 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-card-promo-boxes.ed1a8e3c93ef8d80d23b903d016790fa.css
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0bb12bc1cb0dd34d2c3db06e0e376e55d14453983513e9670973e39ea2b7f65
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
14515287
last-modified
Thu, 23 Jun 2022 13:41:18 GMT
x-vcache
MISS
server
cloudflare
etag
W/"62b46d7e-4a6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dab1d8c99-EWR
expires
Fri, 30 Jun 2023 14:44:50 GMT
jquery-ui.css
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/live/libraries/flex/components/site/resources/styles/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/live/libraries/flex/components/site/resources/styles/jquery-ui.css?_dc=1528384434
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18e4c9257743b884550056599fd804fcfe96ea4b1267a5b58dfafee3ec1b50c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
159445
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Jun 2018 15:13:54 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5b194bb2-3e62"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dab228c99-EWR
expires
Fri, 08 Sep 2023 10:03:52 GMT
tntslider.b1a6a0759364145953769487de35cb8b.css
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/tntslider.b1a6a0759364145953769487de35cb8b.css
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd7ca25e7923a6a619fdd1b9bb559c22cec81e33de92d44c1200a2511393c207
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
575123
last-modified
Mon, 25 Apr 2022 13:22:55 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6266a0af-1488"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dab248c99-EWR
expires
Wed, 26 Apr 2023 19:06:39 GMT
flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b8f65fcce2734f8881897d33271782dabe6a2b1e0e600027e3b4714df65739
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1919133
last-modified
Mon, 23 May 2022 19:55:12 GMT
x-vcache
MISS
server
cloudflare
etag
W/"628be6a0-2042"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dbb268c99-EWR
expires
Wed, 31 May 2023 19:01:11 GMT
cc.js
tags.crwdcntrl.net/c/6893/ 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/6893/cc.js?ns=_cc6893
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-102.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a4b63c39d5a2746c94fe06cd2dd8ebc7f76b66c2bc423d5f0da630c9cd35090

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 11:34:03 GMT
content-encoding
gzip
via
1.1 1f25a64e755f195dbccfdacb5a82a7ce.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 21:56:21 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
age
12202
x-amz-server-side-encryption
AES256
etag
W/"39ab9965026eec1d99798a96510f6eb1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age: 86400
x-amz-cf-id
iZQuHMCLSs6raQOw1HbCTR6OZl-hWOopUOPmTQMAw5do79O_LP1HiA==
access.js
www.thetimestribune.com/shared-content/art/tncms/api/ 		86 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thetimestribune.com/shared-content/art/tncms/api/access.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
19f9276f53dbe297e9a198481caa8327ca36f3454c83853428ef025e16dbcf1b

Request headers

Referer
https://www.thetimestribune.com/
Origin
https://www.thetimestribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:56:23 GMT
content-encoding
gzip
last-modified
Thu, 10 Nov 2022 22:19:45 GMT
x-vcache
HIT
age
60
etag
W/"636d7901-15914"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
35065
service-worker-allowed
/
tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96243483fe1107223c07f837885d057ec2b7515e349bd51523ab2ef6666bf43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1919133
last-modified
Fri, 01 Apr 2022 13:29:43 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6246fe47-24cb"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dbb288c99-EWR
expires
Sun, 23 Apr 2023 12:43:24 GMT
tnt.ads.load.6a3c47703ee96f20ef132e36033ca1bc.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 		888 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.load.6a3c47703ee96f20ef132e36033ca1bc.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2c2161d216b3f6f05411fb2ae1c43a501c51f1763c450326757baad4af344ca
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1919132
last-modified
Fri, 04 Mar 2022 14:28:39 GMT
x-vcache
MISS
server
cloudflare
etag
W/"62222217-378"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080f3e9c8c99-EWR
expires
Thu, 09 Mar 2023 22:20:46 GMT
tracking.js
www.thetimestribune.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thetimestribune.com/shared-content/art/tncms/tracking.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:56:23 GMT
content-encoding
gzip
last-modified
Thu, 01 Dec 2022 19:27:45 GMT
x-vcache
HIT
age
60
etag
W/"63890031-a4b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
1149
service-worker-allowed
/
admanager.js
www.thetimestribune.com/shared-content/art/tncms-ad-manager/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thetimestribune.com/shared-content/art/tncms-ad-manager/admanager.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
a95eebd3e069c109f82214724fac3cbd9e0a09071fb20ccf270c2bbb2e57a93c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:56:23 GMT
content-encoding
gzip
last-modified
Mon, 12 Sep 2022 20:38:01 GMT
x-vcache
HIT
age
60
etag
W/"631f98a9-9d77"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
12873
service-worker-allowed
/
impressions.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/ads/ 		83 B
210 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/ads/impressions.js?_dc=1671114920
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
188025b85ed40c3170b284da59422a3f8c9eaa0cd47623bfe2dcc7b265237e93
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
503
cross-origin-resource-policy
cross-origin
last-modified
Thu, 15 Dec 2022 14:35:20 GMT
x-vcache
MISS
server
cloudflare
etag
W/"639b30a8-53"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dbb2b8c99-EWR
expires
Fri, 15 Dec 2023 14:40:26 GMT
traffic.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/ads/ 		1 KB
893 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/ads/traffic.js?_dc=1671082520
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
654867dd09f61b351cfbd1bb6997c752a0184226a9ffb5d87d131f2ae8207bc6
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
33324
cross-origin-resource-policy
cross-origin
last-modified
Thu, 15 Dec 2022 05:35:20 GMT
x-vcache
MISS
server
cloudflare
etag
W/"639ab218-5e5"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dbb2c8c99-EWR
expires
Fri, 15 Dec 2023 05:42:00 GMT
settings.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/ads/ 		3 KB
791 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/ads/settings.js?_dc=1519929885
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4943fcbefd5ada534396c2b994de0c62d30a1971c1c27056e17be2ddf2229d30
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
230318
last-modified
Thu, 01 Mar 2018 18:44:45 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5a984a1d-d13"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dbb2d8c99-EWR
expires
Wed, 24 May 2023 11:04:11 GMT
tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f1cfc02cb95103ce088d49e98ba6dfa4eaadb10fe50939f8b0cbca742a0802f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
6810399
cross-origin-resource-policy
cross-origin
last-modified
Fri, 23 Sep 2022 13:02:46 GMT
x-vcache
MISS
server
cloudflare
etag
W/"632dae76-6d3"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080f3e9d8c99-EWR
expires
Wed, 27 Sep 2023 19:01:37 GMT
jquery-ui.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/live/libraries/flex/components/site/resources/scripts/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/live/libraries/flex/components/site/resources/scripts/jquery-ui.js?_dc=1469107371
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d7b78fae919a5cd81a06686f0af5a6ee02fdf1ca77e1345465b40bc4c3f01fe
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
164362
last-modified
Thu, 21 Jul 2016 13:22:51 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5790ccab-aad1"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dbb2f8c99-EWR
expires
Sun, 23 Apr 2023 12:47:22 GMT
biz.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/live/global/resources/scripts/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/live/global/resources/scripts/biz.js?_dc=1468362442
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d190eba56a70ceebc6f30127b9fc2e441601e159e6e6fc56eeaa47ee568670a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
30872036
last-modified
Tue, 12 Jul 2016 22:27:22 GMT
x-vcache
MISS
server
cloudflare
etag
W/"57856eca-1a27"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dbb308c99-EWR
expires
Fri, 23 Dec 2022 07:23:28 GMT
tntslider.224ba6f98647e237bc7ff4b1d4af12e1.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/tntslider.224ba6f98647e237bc7ff4b1d4af12e1.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2c926075d207c230588ec2551061f3d08b72833958f87989b26ebd60cb0372
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
1194058
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 18:49:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"63485dd1-4464"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080f3e9e8c99-EWR
expires
Thu, 19 Oct 2023 08:18:55 GMT
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		200 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
230318
last-modified
Tue, 10 May 2022 15:15:16 GMT
x-vcache
MISS
server
cloudflare
etag
W/"627a8184-c8"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080dbb318c99-EWR
expires
Wed, 24 May 2023 11:04:11 GMT
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c42f5d8493591ebac06e89b38d92e79d04fe618bf35f1260dfb355310a1068e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 14:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 13:18:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Dec 2022 14:57:24 GMT
fontawesome.a7c71fa5a63ad1158170fb2c085be042.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		264 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.a7c71fa5a63ad1158170fb2c085be042.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec681300bf92d8a2d7a67a0e7b2dd7651ec4b35e5dcc67f180a4bacd0ed6937
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
4104189
cross-origin-resource-policy
cross-origin
last-modified
Thu, 06 Oct 2022 20:59:11 GMT
x-vcache
MISS
server
cloudflare
etag
W/"633f419f-41e71"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080f3e9f8c99-EWR
expires
Wed, 11 Oct 2023 19:01:25 GMT
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181297
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-86.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f232a1e3d2e7077142d07486b2583be2168b22af1ee9ab639dc361a75e79125c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:55:30 GMT
content-encoding
br
via
1.1 ea4a33625617615e13496b292edda6d6.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 19:55:18 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
age
114
etag
W/"0ac3357a221247fc7d7d362e38367ec5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
x-amz-cf-id
qptqvAsaLRb6yqIK5cWeviqHycp5Y_xCnhzn0gzFvpGrSJmGdSdacw==
785034b0-eb7a-0136-564a-067f653fa718
tag.simpli.fi/sifitag/ 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc0e7b993278da0c73e168a0d685b16cdb99f36de7785d9de363c58307bf4cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27538
x-xss-protection
0
server
sffe
etag
"1422 / 354 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Dec 2022 14:57:24 GMT
adb.1710310.min.js
prod.adspsp.com/ 		299 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.adspsp.com/adb.1710310.min.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-99.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7326d5162d6a55e0e61a0f1208ebd6f63664295b1726369a35ef5377f3d5e962

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 10:01:43 GMT
Content-Encoding
gzip
Via
1.1 401725c701b46e52c0591a613c644c8e.cloudfront.net (CloudFront)
Last-Modified
Wed, 09 Nov 2022 00:57:20 GMT
Server
AmazonS3
X-Amz-Cf-Pop
CMH68-P1
Age
17742
ETag
W/"7c4969eb704b9ad96f23cc2647c7bd50"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
jiN1EzAAxVHO8MdpMtzEBzf8NrAZYsHX44pVhsISUV0rvnS-W7787w==
/
thetimestribune-cnhi-pw.newsmemory.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetimestribune-cnhi-pw.newsmemory.com/?meter&v=4&service=onstop
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 Minneapolis, United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
0b193e9148db8d0686329a827b820586dc18f64f47a126980a9a4bb2f2f31ff6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:24 GMT
Server
Apache
Access-Control-Allow-Methods
GET, POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length
6013
Expires
Thu, 15 Dec 2022 16:57:24 UTC
load.js
s.ntv.io/serve/ 		534 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.241.61 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-241-61.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
46dd7329fae693cad6f963d6003d0f43231df94b536c2bfa3c94f25671b9a5ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:24 GMT
Content-Encoding
gzip
x-amz-request-id
HQRN1DDM6KQMVBS4
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
Tpm8s/Y/R4BZYBNEx2k2nyz46kJmy3r6tPiITui77q6zPpBATxkNbyGOFP5sbp7+Xoay59qW6k4=
Last-Modified
Mon, 12 Dec 2022 21:04:28 GMT
Server
AmazonS3
ETag
"099cbbd6da309f2753fd22dbaad9e76e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
tracker.js
www.thetimestribune.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thetimestribune.com/shared-content/art/stats/common/tracker.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:56:23 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 15:26:09 GMT
x-vcache
HIT
age
60
etag
W/"61b0ce91-2200"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
accept-ranges
bytes
content-length
3224
service-worker-allowed
/
62ab7a6c1844e.image.png
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/media/9/32/9328dbb0-eda4-11ec-b64f-9b6c97214694/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/media/9/32/9328dbb0-eda4-11ec-b64f-9b6c97214694/62ab7a6c1844e.image.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d5f5af1c441c50930e0cdfb31c81852f060da90881fed41756e7fccb3fc569
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
4074204
cf-polished
origFmt=png, origSize=15094
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="62ab7a6c1844e.webp"
content-length
8418
cf-bgj
imgq:85,h2pri
last-modified
Thu, 16 Jun 2022 18:46:04 GMT
server
cloudflare
x-vcache
MISS
etag
"62ab7a6c-3af6"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a0080f3ea38c99-EWR
expires
Fri, 27 Oct 2023 18:42:17 GMT
/
thetimestribune-cnhi-pw.newsmemory.com/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetimestribune-cnhi-pw.newsmemory.com/?meter&v=4
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 Minneapolis, United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
16c2d4c31e6e9c4554e9486049f98557cc796a894691385af58b7b99b24a3876

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:24 GMT
Last-Modified
Thu, 7 Apr 2022 19:45:26 UTC
Server
Apache
ETag
f8377f4bfe2bddd2714c92392e406791
Access-Control-Allow-Methods
GET, POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length
4416
Keep-Alive
timeout=2, max=300
Expires
Thu, 15 Dec 2022 16:57:24 UTC
5e6933b81f4ad.image.jpg
bloximages.chicago2.vip.townnews.com/richmondregister.com/content/tncms/assets/v3/editorial/a/1b/a1bc4f66-63c9-11ea-bf17-37ec3ed25505/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/richmondregister.com/content/tncms/assets/v3/editorial/a/1b/a1bc4f66-63c9-11ea-bf17-37ec3ed25505/5e6933b81f4ad.image.jpg?resize=300%2C99
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1334a2785a64e782b53a5d91a11eaf3c4f812782cb396607f3cb07e34cd6f294
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
16385652
cf-polished
degrade=85, origSize=12125, status=webp_bigger
cf-bgj
imgq:85,h2pri
last-modified
Wed, 11 Mar 2020 18:53:44 GMT
server
cloudflare
x-vcache
MISS
etag
"cbd0df080f32640ac3fbdb372398c28d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080f3ea48c99-EWR
expires
Sun, 23 Apr 2023 12:11:29 GMT
retailadvertiser
casmp.adperfect.com/widget/
Redirect Chain
  • https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.thetimestribune.com
  • https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.thetimestribune.com
10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.thetimestribune.com
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Server
35.155.108.1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-108-1.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
5ae9c0ddff35324c67f97b394a0005ecc69389e2e07e71da27fe0028eee73495

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:25 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=3600
content-length
2616
expires
Thu, 15 Dec 2022 15:57:24 GMT

Redirect headers

Date
Thu, 15 Dec 2022 14:54:52 GMT
Via
1.1 1f25a64e755f195dbccfdacb5a82a7ce.cloudfront.net (CloudFront)
Server
Apache
X-Amz-Cf-Pop
CMH68-P1
Age
152
X-Cache
Hit from cloudfront
Content-Type
text/html; charset=UTF-8
Location
https://casmp.adperfect.com/widget/retailadvertiser?hostname=newspaperads.thetimestribune.com
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
c-uaXsxpb-QX70YBCcIr5P1TSLb9g_DWoaOXjhlKgumzn-giBfcCYw==
Expires
Thu, 15 Dec 2022 15:54:52 GMT
widgey-dug.php
japfg-trending-content.appspot.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/widgey-dug.php?s=10223&v=1&q=3&i=1
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::99 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
c1a3fc113d488384b30145d568964ac74587123e78ca73f049f6d87f14ec1aef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
content-encoding
gzip
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
circularhub_module.js
api.circularhub.com/15615/5d82d3b5b94cbe5b/ 		554 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.circularhub.com/15615/5d82d3b5b94cbe5b/circularhub_module.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-44.cmh68.r.cloudfront.net
Software
nginx /
Resource Hash
1270fb884615b5d498d0abbc0b357f6a189e53d6e473f7fda8b51cef205051bc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
content-encoding
gzip
via
1.1 773037e393cd6076bf819021d17f11ea.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
x-cache
Miss from cloudfront
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
status
200 OK
x-request-id
98bc645edfeb32bb8cf46d92e147d3f9
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.009407
server
nginx
etag
W/"1304768e63056468e6381f732ee6dad4"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
x-amz-cf-id
vLnZfkNZoqTKVVXSV3UQJyjDsdT3jyefSHlvZxTxzufLr0IYJluDaA==
x-rack-cache
miss
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/79EE) /
Resource Hash
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 15 Dec 2022 14:57:24 GMT
content-encoding
gzip
content-md5
DgH26NwpVpUJ7mY3mCxUbA==
age
362213
x-cache
HIT
content-length
919
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 07 May 2020 14:25:32 GMT
server
ECAcc (nya/79EE)
etag
"0x8D7F2927FD84964+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
74fb3ba0-701e-00d7-0b4a-0da938000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
thetimestribune.js
static.cnhionline.com/cnhi/data/premiumads/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cnhionline.com/cnhi/data/premiumads/thetimestribune.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
1d07df5629c3cc6fad427d4cedfdcee994ee385259799dcdcff8b777286408bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:24 GMT
Last-Modified
Wed, 14 Dec 2022 15:17:00 GMT
Server
Apache/2.2.34 (Amazon)
ETag
"e80b2dc3-810-5efcb3a5b1300"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
2064
widget.js
video.digi-me.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video.digi-me.com/widget.js?pID=2299&w=350&h=300
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.202.114.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-114-247.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f9f2d2b213cf8c2e24388bcbdd96a151af1320bb4a29555d85b878ad29ec8dc5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
content-encoding
gzip
last-modified
Wed, 30 Dec 2020 11:22:58 GMT
server
Microsoft-IIS/10.0
etag
"48266209eded61:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
1252
thetimestribune.js
static.cnhionline.com/cnhi/data/bizmarquee/ 		328 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cnhionline.com/cnhi/data/bizmarquee/thetimestribune.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
ccd9f2624f6e873926fdb49f2b94869b12b549c8e955ce8444f608e71e640434

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:24 GMT
Last-Modified
Tue, 11 Jan 2022 13:35:38 GMT
Server
Apache/2.2.34 (Amazon)
ETag
"f00672c0-148-5d54e8757265b"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
328
RTJ-PlayAllDay-Fall-300x250.gif
static.cnhionline.com/ksherman/images/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cnhionline.com/ksherman/images/RTJ-PlayAllDay-Fall-300x250.gif
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.174.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-174-208.compute-1.amazonaws.com
Software
Apache/2.2.34 (Amazon) /
Resource Hash
3151f1220c63817a5f293f7a01d32cfe4066cc7af5fac2df7f073cc81b7e4757

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:24 GMT
Last-Modified
Tue, 30 Aug 2022 21:29:25 GMT
Server
Apache/2.2.34 (Amazon)
ETag
"80462db-11375-5e77c130ed920"
Content-Type
image/gif
Access-Control-Allow-Origin
http://template1.cnhionline.com
Connection
close
Accept-Ranges
bytes
Content-Length
70517
vf-v2.js
cdn.viafoura.net/ 		769 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f7:1000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1503ffa845faf94d1171cd43f9f4d04a36848943be74e5365764990bb57d2d50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
ymlDCSCAhJSJrGzi.pf5al2STPhLAMjI
content-encoding
br
via
1.1 1f25a64e755f195dbccfdacb5a82a7ce.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 14:54:38 GMT
x-amz-cf-pop
CMH68-P1
age
167
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 14 Dec 2022 19:39:21 GMT
server
AmazonS3
etag
W/"851b1621665e35ed8458e49d4b1aded9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
BWmcgF443eX42XZjlNvV5gNpwfuBbIBdabd6sF0F2HS50iWogeQg4g==
tnt.poll.aa4a56a35da582e986ed8bbce2004ea4.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/tnt.poll.aa4a56a35da582e986ed8bbce2004ea4.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d998fb54196874a655aefd9dff360558af81c3f854b3f2af47660d990a5e3d5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
553580
last-modified
Thu, 21 Jul 2022 21:07:50 GMT
x-vcache
MISS
server
cloudflare
etag
W/"62d9c026-f69"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080f3e948c99-EWR
expires
Wed, 26 Jul 2023 11:06:25 GMT
sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c66013cda2311853afac3fb10ca1e7bec5f583d26cfd6eaf8a2a87a610072d05
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
6810399
cross-origin-resource-policy
cross-origin
last-modified
Fri, 23 Sep 2022 13:03:04 GMT
x-vcache
MISS
server
cloudflare
etag
W/"632dae88-1008"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080f3e958c99-EWR
expires
Wed, 27 Sep 2023 19:01:37 GMT
tnt.regions.b44801b45845a81b995eeaad12f4f276.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.b44801b45845a81b995eeaad12f4f276.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
15274276
last-modified
Mon, 20 Jun 2022 13:22:52 GMT
x-vcache
MISS
server
cloudflare
etag
W/"62b074ac-1015"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080f3e978c99-EWR
expires
Wed, 21 Jun 2023 19:01:35 GMT
dmp.reactive.727b4e3bfa0f1d9c7a22279342b1b5f5.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		1 KB
576 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/dmp.reactive.727b4e3bfa0f1d9c7a22279342b1b5f5.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95628f1f9076cd20be6e0cedd3915cfb79e0f0eea48aac79e9aa7f64fc5873cf
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
5596249
cross-origin-resource-policy
cross-origin
last-modified
Thu, 06 Oct 2022 20:58:59 GMT
x-vcache
MISS
server
cloudflare
etag
W/"633f4193-4ad"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080f3e998c99-EWR
expires
Wed, 11 Oct 2023 19:01:25 GMT
promo_popup.fe40d77fce691e6ed54cb520a782a693.js
bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		2 KB
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/promo_popup.fe40d77fce691e6ed54cb520a782a693.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66c456b606231cd84cd7408994f7f80580788b94e8e82ef2110dbe3cff907f49
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
content-encoding
br
cf-cache-status
HIT
age
3000487
last-modified
Fri, 01 Apr 2022 13:29:37 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6246fe41-635"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a0080f3e9b8c99-EWR
expires
Sun, 23 Apr 2023 12:47:22 GMT
gtm.js
www.googletagmanager.com/ 		202 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1267d961cc5ad265712b3d3a144e0a1add99132bec9c10f7201d3499f3ba8422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69641
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Dec 2022 14:57:24 GMT
/
www.thetimestribune.com/_services/v1/client_ip_info/ 		83 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thetimestribune.com/_services/v1/client_ip_info/
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
3b6240c1426c0aed0bedb4390ecc2c67b6da8e6b74e6bae03ad6c59374f8a62a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
cache-control
private, max-age=3600
content-length
83
content-type
application/json
yisee9jC_KWgyn-9XvSa5EbZJEY5eNHMSCSppYowii1L7Selu_02l80
bandborder.com/v2/0/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2/0/yisee9jC_KWgyn-9XvSa5EbZJEY5eNHMSCSppYowii1L7Selu_02l80
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
7d3c95ed1ebc67ddd9731670bda6031cb505b886813d765b397eda9180c60edd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Thu, 15 Dec 2022 14:57:24 GMT
x-datacenter
gce-us-east1
etag
"57dd0f77727a51852ea518e3f2cb0dd34fcea8406e37faeedb37ed6a0c88a176"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-spot-q1h3
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
718439402
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ufaYCyld2eEn5A3JVykvbEPXODLQ0i_XUJ34fOPwFwM4tQxDxOeJjriKeJk-dnVX1DeKuiPiA
bandborder.com/v2/0/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2/0/ufaYCyld2eEn5A3JVykvbEPXODLQ0i_XUJ34fOPwFwM4tQxDxOeJjriKeJk-dnVX1DeKuiPiA
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
3be0e00c1bffdf5cfc2d61d8a79569bac7c2f7a187d628f6239b12ea7cdc728f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Thu, 15 Dec 2022 14:57:24 GMT
x-datacenter
gce-us-east1
etag
"872f3916aa3a863792c4795afd21b926b5ddc82c443441ccd089915aa28c6de6"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-spot-q1h3
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
718439402
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tracker.gif
www.thetimestribune.com/shared-content/art/stats/common/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thetimestribune.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=167111624434716001200894547451326&tnms_dt=thetimestribune.com%20%7C%20Your%20Life.%20Your%20Paper.&tnms_upage=1&tnms_do=www.thetimestribune.com&tnms_uri=/&tnms_ref=http%3A//thetimestribune.com.admin-us2.cas.ms/&rt=1671116244357
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
x-vcache
MISS
age
0
etag
"48f79fed-0"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
gtm.js
www.googletagmanager.com/ 		124 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K4GJW6
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
09bca8051bf8342d1a0392880c04aa08ff391dca448dafdd7c772312d9db28d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48245
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Dec 2022 14:57:24 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thetimestribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 00:29:25 GMT
x-content-type-options
nosniff
age
52079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 00:29:25 GMT
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Dec 2023 21:15:40 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		260 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thetimestribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac673a6aaa230bacab0226a2c3e40f6f4beaf1f47f5f5833ce0efc2bded1a4e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123
x-xss-protection
0
expires
Thu, 15 Dec 2022 14:57:24 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0eadfbaf60d2efdd306286a939dd33f9e4a62a43ec7b7d76b393e683ed661c7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 14:57:24 GMT
content-md5
vTmmiLEsQzjYKfjHnLAKSw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
F8MI/RpAJ9z7qgZnS81Q6RH/pO6OW3/Y+8oAKozdCrjc/gbQW9mfhqaom6pbW34+jScIK07zaiU548Xd5L8llw==
x-fb-trip-id
2050670934
x-fb-content-md5
ac1e8681216aca0c00b5a80083b22a97
cross-origin-opener-policy
same-origin-allow-popups
etag
"4eaab209a9e7d285cebec127110ed187"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Thu, 15 Dec 2022 15:02:56 GMT
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v17/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thetimestribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 09:09:07 GMT
x-content-type-options
nosniff
age
193697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32900
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:44:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Dec 2023 09:09:07 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.168.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-168-23.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c1e1c3ae7f9b71951f0539bbea7738054c26fee2e896ebb54f253db765d4c84

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:00:45 GMT
content-encoding
gzip
via
1.1 ed11b381965875f4766a15a39ce86a5a.cloudfront.net (CloudFront), 1.1 7e4c775b563a7a47cbdf48a806a6bd2a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 21:39:34 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1, CMH68-P1
age
3400
etag
W/"909ff158818033daa43a2d271ecda3db"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
rF1UPEPlIQ_TIBdag_5MGecdixTa35FxyHZ0rrzlahFTQsHWDCcxCA==
/
geo.adspsp.com/ 		4 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geo.adspsp.com/
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:dc00:1e:7118:9c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d0caf6ce9f9dcab483bbd5f2b916786afa4765b0e4eca7f6dcd9f98c6d1e7e0d

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
via
1.1 74fa88947236efdd15ba1f4510868e00.cloudfront.net (CloudFront)
x-adb-procip
2a0d:5600:24:1400:1011:e903:e9ff:b5cd, 15.158.61.74
x-adb-rmadr
::ffff:10.0.1.87
x-amz-cf-pop
CMH68-P2
x-cache
Miss from cloudfront
access-control-allow-origin
*
x-adb-fwdip
2a0d:5600:24:1400:1011:e903:e9ff:b5cd, 15.158.61.74
content-length
4
x-amz-cf-id
3LgBixftNTNeMNQTSInt_IAL58JIUVn_m9jwm3fwH_aWjrP9R36f6g==
6399533fe57b6.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/2/4e/24e8b37a-7b69-11ed-951f-d33c4c7e087b/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/2/4e/24e8b37a-7b69-11ed-951f-d33c4c7e087b/6399533fe57b6.image.jpg?resize=160%2C200
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b4cc2e01d30a70efd51e90081015ca2ba5e336bfe441113192062c890661a0c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
99429
cf-polished
degrade=85, origSize=11162, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
8597
cf-bgj
imgq:85,h2pri
last-modified
Wed, 14 Dec 2022 04:38:25 GMT
server
cloudflare
x-vcache
MISS
etag
"97bb5c4882b8bce5b4dcf0f0454589de"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a008119bc98c99-EWR
expires
Thu, 14 Dec 2023 04:44:56 GMT
639571d33b374.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/e/09/e0992d27-d410-555d-8458-1b27d07f0981/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/e/09/e0992d27-d410-555d-8458-1b27d07f0981/639571d33b374.image.jpg?resize=133%2C200
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1986582274a76476e07d2ee9f5899ae14e961e7aa7293fbd322c6e48efdbcd7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
342954
cf-polished
origSize=8763, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
8648
cf-bgj
imgq:85,h2pri
last-modified
Sun, 11 Dec 2022 05:59:47 GMT
server
cloudflare
x-vcache
MISS
etag
"7ef830ef182332f039d0ee640be00a00"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a008119bce8c99-EWR
expires
Mon, 11 Dec 2023 06:42:14 GMT
6398dc2a47903.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/b/d1/bd1ae354-7b21-11ed-a4f0-8b84651019cd/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/b/d1/bd1ae354-7b21-11ed-a4f0-8b84651019cd/6398dc2a47903.image.jpg?resize=161%2C200
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61043b4c772c40083f058e591a0cb3fe99614c16758565533145a766ecdab2fc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
1525
cf-polished
qual=85, origFmt=jpeg, origSize=6120
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="6398dc2a47903.webp"
content-length
5162
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Dec 2022 20:10:18 GMT
server
cloudflare
x-vcache
MISS
etag
"0f427ab6df72d91dcf2e4022ea4ace46"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a008119bcf8c99-EWR
expires
Wed, 13 Dec 2023 20:16:48 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 14:44:14 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
790
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 15 Dec 2022 16:44:14 GMT
gtm.js
www.googletagmanager.com/ 		117 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a2bf4b4e25781d6d296be7e589cf42417d485a408aa320a9b300ce2e2e21a7bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44203
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Dec 2022 14:57:24 GMT
gtm.js
www.googletagmanager.com/ 		166 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ccff04baf1f9c6a32d5a7c50f4b8ab0fe71e1957f6dc700eefef163c5579255
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59143
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Dec 2022 14:57:24 GMT
beacons
p.flipp.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p.flipp.com/beacons
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181297
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.184.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-9.cmh68.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
via
1.1 74fa88947236efdd15ba1f4510868e00.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P2
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
x-amz-cf-id
xWqVs0AiXAkAC1Vj9eZ7UWNSu13edaYDZNz8ElArwbY9alNSmsVLxw==
ea2687a8-683a-11e8-bd17-ffea06c6f854.png
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/custom/image/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/custom/image/ea2687a8-683a-11e8-bd17-ffea06c6f854.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7d5f5af1c441c50930e0cdfb31c81852f060da90881fed41756e7fccb3fc569
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
1918907
cf-polished
origFmt=png, origSize=15094
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="ea2687a8-683a-11e8-bd17-ffea06c6f854.webp"
content-length
8418
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jun 2018 21:04:48 GMT
server
cloudflare
x-vcache
MISS
etag
"5b15a970-3af6"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a008123d1e8c99-EWR
expires
Wed, 22 Nov 2023 22:34:30 GMT
639a3d5d9ab1c.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/6/b4/6b42e918-7bf4-11ed-9642-fb578221737a/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/6/b4/6b42e918-7bf4-11ed-9642-fb578221737a/639a3d5d9ab1c.image.jpg?crop=526%2C296%2C0%2C115&resize=150%2C84&order=crop%2Cresize
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5724a0fd9b3da6877f562172332ca069d50e542fd28ea471c0c3d273e3293e86
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
1525
cf-polished
origSize=5271, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
5146
cf-bgj
imgq:85,h2pri
last-modified
Wed, 14 Dec 2022 21:17:17 GMT
server
cloudflare
x-vcache
MISS
etag
"b3aece7d7425a2fd4a5adb8e9c49dccd"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a008123d228c99-EWR
expires
Fri, 15 Dec 2023 14:07:43 GMT
5c887199012ee.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/b/38/b3858774-453b-11e9-aa96-43605c2c6ce4/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/b/38/b3858774-453b-11e9-aa96-43605c2c6ce4/5c887199012ee.image.jpg?crop=1053%2C592%2C0%2C453&resize=150%2C84&order=crop%2Cresize
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27028933e1e20eef0e52c807f9d20f403c4cc7dcf54219b7e313cae96e7279bc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
86547
cf-polished
qual=85, origFmt=jpeg, origSize=2758
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="5c887199012ee.webp"
content-length
2190
cf-bgj
imgq:85,h2pri
last-modified
Wed, 13 Mar 2019 02:57:29 GMT
server
cloudflare
x-vcache
MISS
etag
"185b1580010ebd2a8867384d8212888a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a008123d248c99-EWR
expires
Wed, 13 Dec 2023 02:18:13 GMT
63929ba3a574c.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/2/d2/2d2f672c-7768-11ed-bf3c-7b0067f70cfa/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/2/d2/2d2f672c-7768-11ed-bf3c-7b0067f70cfa/63929ba3a574c.image.jpg?crop=1763%2C992%2C0%2C91&resize=150%2C84&order=crop%2Cresize
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed74ff0aa65a790c2fe4f86fb1070ad270a6cad8553ce490788a976d6ff0c6c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
86547
cf-polished
degrade=85, origSize=8590, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
6223
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Dec 2022 02:21:26 GMT
server
cloudflare
x-vcache
MISS
etag
"0da912d5c6b46654719b50f565ee16d5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a008123d278c99-EWR
expires
Thu, 14 Dec 2023 02:03:55 GMT
6398dc2a47903.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/b/d1/bd1ae354-7b21-11ed-a4f0-8b84651019cd/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/b/d1/bd1ae354-7b21-11ed-a4f0-8b84651019cd/6398dc2a47903.image.jpg?crop=280%2C158%2C0%2C94&resize=200%2C113&order=crop%2Cresize
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0d0afd4cea9e299b444861fca63d7ca055240671485c59da6d32eef2dcaa42e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
72409
cf-polished
qual=85, origFmt=jpeg, origSize=4316
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="6398dc2a47903.webp"
content-length
3264
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Dec 2022 20:10:18 GMT
server
cloudflare
x-vcache
MISS
etag
"4fe71aefec00c576e3db4346a2a164d3"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a008123d288c99-EWR
expires
Wed, 13 Dec 2023 20:27:19 GMT
639789845a2c0.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/f/14/f146be84-7a57-11ed-8cf3-c7cd0cf635a6/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/f/14/f146be84-7a57-11ed-8cf3-c7cd0cf635a6/639789845a2c0.image.jpg?crop=1175%2C661%2C0%2C551&resize=750%2C422&order=crop%2Cresize
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0735dc9c0e72bfc9d0ed54598676129bba88a1d652b7a222084845e40c2e9107
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
86547
cf-polished
qual=85, origFmt=jpeg, origSize=39190
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="639789845a2c0.webp"
cf-bgj
imgq:85,h2pri
last-modified
Mon, 12 Dec 2022 20:05:27 GMT
server
cloudflare
x-vcache
MISS
etag
"2c8caf2c41bf62f5ec222c200550942a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
cf-ray
77a008123d2a8c99-EWR
expires
Thu, 14 Dec 2023 10:45:07 GMT
63978add7b371.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/1/e2/1e281b5e-7a59-11ed-bd94-e7c01cf11a8a/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/1/e2/1e281b5e-7a59-11ed-bd94-e7c01cf11a8a/63978add7b371.image.jpg?crop=1763%2C992%2C0%2C91&resize=750%2C422&order=crop%2Cresize
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69bb259a78c94bdf806b086e9944d7c05ee23346e03f3abde1c8a848fd978f14
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
1525
cf-polished
qual=85, origFmt=jpeg, origSize=37913
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="63978add7b371.webp"
content-length
34040
cf-bgj
imgq:85,h2pri
last-modified
Mon, 12 Dec 2022 20:11:12 GMT
server
cloudflare
x-vcache
MISS
etag
"f0a9457520f48ba9b4fd37ae03036a61"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a008123d2b8c99-EWR
expires
Wed, 13 Dec 2023 16:14:46 GMT
639a33f8e2b5e.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/1/6d/16db30ce-7bef-11ed-a3aa-cf8b7e468c8a/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/1/6d/16db30ce-7bef-11ed-a3aa-cf8b7e468c8a/639a33f8e2b5e.image.jpg?resize=300%2C240
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc424c2b2415fd6bd6f5549630ecd0fdfed5ed40dc9cffe4208c4be8803a5fbf
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
1524
cf-polished
degrade=85, origSize=23259, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
21866
cf-bgj
imgq:85,h2pri
last-modified
Wed, 14 Dec 2022 20:37:14 GMT
server
cloudflare
x-vcache
MISS
etag
"c0a58e0aa3f0161e35c38a62ecb5a7b2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a008123d2c8c99-EWR
expires
Thu, 14 Dec 2023 20:52:52 GMT
639a3d5d9ab1c.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/6/b4/6b42e918-7bf4-11ed-9642-fb578221737a/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/6/b4/6b42e918-7bf4-11ed-9642-fb578221737a/639a3d5d9ab1c.image.jpg?resize=150%2C150
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f4230272b32273eff0b5ad9150013d9b782271e4ca6373c746e4c8d49290f6b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:24 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
1525
cf-polished
origSize=8047, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
7950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 14 Dec 2022 21:17:17 GMT
server
cloudflare
x-vcache
MISS
etag
"917236d07e64b4163a948109c6e22445"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a008123d2d8c99-EWR
expires
Fri, 15 Dec 2023 14:08:24 GMT
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:25 GMT
content-encoding
gzip
etag
"StHfV9prSwQMxjKWocWEFw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 22 Dec 2022 14:57:25 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f7:9a00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 01:01:23 GMT
content-encoding
gzip
via
1.1 ed11b381965875f4766a15a39ce86a5a.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
CMH68-P1
age
50162
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
__sp6AWnd27EhmYVfv0tYd5Gcddnbjj8qrD7SwurpomeQQw-ZNFQ5g==
expires
Fri, 16 Dec 2022 01:01:23 GMT
t
jadserve.postrelease.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.thetimestribune.com%2F&prx_referrer=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.76.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-76-203.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
3ba5d6411c56f9f8499cd7de0ce4bd01214e09e5782686423dda721f01b4eee8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:25 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
813
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
adspsp.com/pt/1710310/19/1/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/19/1/?a=2,aX0,8k8CMrwg5x&aa=&b=&e=&c=https%3A%2F%2Fwww.thetimestribune.com%2F&d=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&f=1.lbp7gq05.1Tsx&g=1T131&u=4d97623f:la8xlfqr:31f&v=18g.xc.0.21r.1.0&m=z&rnd=1671116245026
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.190.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-190-9.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
sdk.js
connect.facebook.net/en_US/ 		306 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=8a84431a62454bceed93402afa09267f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e4b19026421ca103a63c60f7342fad00842bfe48d418e16ce7a80266dfb7723
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.thetimestribune.com/
Origin
https://www.thetimestribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 14:57:25 GMT
content-md5
blTG+I+azAkGLg+RuX1KDg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88441
x-fb-rlafr
0
x-fb-debug
eZHR7YFV5yiysciJUFQwVkcidwaU/iu9mQllFjtVttEEdsm/OOqSp5mK8fUGg6DZK4TaIGABsRzEAZyZc7oBIQ==
x-fb-content-md5
aa35c42bad079b61fc6b840f6ca1a1c0
cross-origin-opener-policy
same-origin-allow-popups
etag
"0b8aef8ffa4eeb228491669c3267db89"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 15 Dec 2023 11:22:49 GMT
/
thetimestribune-cnhi-pw.newsmemory.com/ 		170 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thetimestribune-cnhi-pw.newsmemory.com/?meter&ta_MACHINE_ID=f8377f4bfe2bddd2714c92392e406791&v=4&r=1867
Requested by
Host: thetimestribune-cnhi-pw.newsmemory.com
URL: https://thetimestribune-cnhi-pw.newsmemory.com/?meter&v=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 Minneapolis, United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
25941110a1b64f63cc8962779459344bae53929dca27f3094f45d64ad171bc28

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:25 GMT
Last-Modified
Mon, 8 Aug 2022 21:02:00 UTC
Server
Apache
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Keep-Alive
timeout=2, max=299
Expires
Thu, 15 Dec 2022 16:57:25 UTC
publisher:getClientId
ampcid.google.com/v1/ 		3 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.168.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-168-23.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 09:02:00 GMT
x-amz-cf-pop
CMH68-P1
age
21326
x-cache
Hit from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
zH-eTs44QK0z5Db7M4_N4myP2vDrv-E7U7Sxw4gQ-nx3uw08RGQNWQ==
60998a73a0225.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/7/19/7192c030-b1c6-11eb-b528-7fea7a2981a2/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/7/19/7192c030-b1c6-11eb-b528-7fea7a2981a2/60998a73a0225.image.jpg?resize=150%2C100
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05024fcd013ea8a8f72077ffb2fb09f87b9f60356b038149f148a1999c482070
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:25 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
86548
cf-polished
qual=85, origFmt=jpeg, origSize=4051
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="60998a73a0225.webp"
content-length
3486
cf-bgj
imgq:85,h2pri
last-modified
Mon, 10 May 2021 19:33:08 GMT
server
cloudflare
x-vcache
MISS
etag
"92e0cc78ab93ba9fd85c377690326b57"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a0081418e38c99-EWR
expires
Wed, 13 Dec 2023 22:01:10 GMT
5f55ad0252773.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/8/e2/8e2a86a4-f0bc-11ea-880c-7b98b84ebb22/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/8/e2/8e2a86a4-f0bc-11ea-880c-7b98b84ebb22/5f55ad0252773.image.jpg?resize=150%2C100
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e7955f503aaea644d6591f86c10de9cae8e4f500f6daedae7612519b9b53174
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:25 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
86548
cf-polished
qual=85, origFmt=jpeg, origSize=4047
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="5f55ad0252773.webp"
content-length
3198
cf-bgj
imgq:85,h2pri
last-modified
Mon, 07 Sep 2020 03:46:11 GMT
server
cloudflare
x-vcache
MISS
etag
"c40dd6fb1f3604ac9f31b3fe72c324a8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a0081418e68c99-EWR
expires
Thu, 07 Dec 2023 20:14:33 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.thetimestribune.com&pubid=50a6bf9e-2e04-48d8-9da3-bf7857460c69
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.168.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-168-23.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 12:14:01 GMT
via
1.1 7e4c775b563a7a47cbdf48a806a6bd2a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CMH68-P1
age
9803
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.thetimestribune.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
7CrHPRmNlkUSOWz1yn28TRtJ9Mc7rexUO46TEIo1LX6ulF1qmV-2qQ==
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.167.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-167-180.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5226aeea6d61d1ce536482f83567a6114cad48f51847c1e964f73a1a97e48fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
ug1Sq902aRhfo_QG5m3HwUi1DNSdZhq5
content-encoding
br
via
1.1 b2e4ee7da1129b64011b5c8c604f1c26.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 14:56:46 GMT
x-amz-cf-pop
CMH68-P1
age
39
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 12 Dec 2022 17:02:34 GMT
server
AmazonS3
etag
W/"fbb9c5adf872861e75f2196677824b78"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
eMYCOykmSeZs__BxYPBJxGqsaaBSIN1Z5v5_bvd0KxQ9lHTTAhOZkw==
js
www.googletagmanager.com/gtag/ 		215 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dd0a2899442babd62a414f2bd417e15ed8224ac627c2ca6683787a74584040eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76649
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 15 Dec 2022 14:57:25 GMT
rules-p-eb6rW8CarLDWY.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-eb6rW8CarLDWY.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f7:e200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c99eeb0ffc836cfbaf142f6a4cc3efcb826d3c112d52bbaa079cc982b773bc1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:34:50 GMT
via
1.1 e4115573bd297fb3424a2ffc8114fa1c.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
age
1357
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 16:26:57 GMT
server
AmazonS3
etag
"ea52eb301590b357d6e197d77eac3ab0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
ZSqikCcrcfOsNHk-YVCvjy-fbXErTez77RGJTE2OSXarU3aGIXlA6g==
collect
stats.g.doubleclick.net/j/ 		1 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-54716522-7&cid=333536868.1671116245&jid=1720343499&gjid=331254380&_gid=1283124798.1671116245&_u=YGBAgUABAAQCAEAAI~&z=1770421561
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 15 Dec 2022 14:57:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3850501-49&cid=333536868.1671116245&jid=589422101&gjid=1841985821&_gid=1283124798.1671116245&_u=YGDAgUABAAQCAEAAIAB~&z=514635680
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 15 Dec 2022 14:57:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2313981-1&cid=333536868.1671116245&jid=1889851014&gjid=1230030888&_gid=1283124798.1671116245&_u=YGDAgUABAAQCAEAAIAB~&z=548446770
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 15 Dec 2022 14:57:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&aip=1&a=1089137470&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&dr=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&dp=%2F&ul=en-us&de=UTF-8&dt=thetimestribune.com%20%7C%20Your%20Life.%20Your%20Paper.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABAAQCAAAAI~&jid=1720343499&gjid=331254380&cid=333536868.1671116245&tid=UA-54716522-7&_gid=1283124798.1671116245&gtm=2wgbu0PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.thetimestribune.com%2F&cd15=3.155.0&cd16=No&cd17=Page%20View&cm1=972&z=268798751
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 21:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63770
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1089137470&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&dr=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&ul=en-us&de=UTF-8&dt=thetimestribune.com%20%7C%20Your%20Life.%20Your%20Paper.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgUABAAQCAEAAIAB~&jid=589422101&gjid=1841985821&cid=333536868.1671116245&tid=UA-3850501-49&_gid=1283124798.1671116245&gtm=2wgbu0K4GJW6&cd2=1671116244943.jeanjsvc&cd3=2022-12-15T14%3A57%3A24.943%2B00%3A00&z=299662582
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 21:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63770
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1089137470&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&dr=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&ul=en-us&de=UTF-8&dt=thetimestribune.com%20%7C%20Your%20Life.%20Your%20Paper.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgUABAAQCAEAAIAB~&jid=1889851014&gjid=1230030888&cid=333536868.1671116245&tid=UA-2313981-1&_gid=1283124798.1671116245&gtm=2wgbu0K4GJW6&z=201139241
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 21:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63770
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1089137470&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&dr=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&ul=en-us&de=UTF-8&dt=thetimestribune.com%20%7C%20Your%20Life.%20Your%20Paper.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Section&ea=Load&el=&ev=1&_u=YGDAgUABAAQCAEAAIAB~&jid=&gjid=&cid=333536868.1671116245&tid=UA-3850501-49&_gid=1283124798.1671116245&gtm=2wgbu0K4GJW6&z=443747016
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 21:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63770
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
moatcontent.js
z.moatads.com/nativonielsen548znrb18/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=14055
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 14:57:25 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:04:05 GMT
server
AmazonS3
x-amz-request-id
0504EB94718B1DC8
etag
"774acff2cee5852cdfc3fd8471cb2667"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59451
accept-ranges
bytes
content-length
55696
x-amz-id-2
CfkQ8jCVq4xPoieF7+4UjXB90iS4RK3WSSw8hKOXCqXvGvEgVa6PpuMQNWqK9zTI/9/qGcwj1+8=
trk.gif
jadserve.postrelease.com/ 		43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=6417640&ntv_pl=1093724&prx_referrer=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.76.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-76-203.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:25 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=3114b383-7a5f-4b7a-b3fc-7be9e281b028&ntv_fl=znb2wpHxsxpDvf7lT7bivZhfn31Xc-p_fH_3pRUeVEJnYaG0HbIQGInHuASXHNVTjja-OfqVcaUrm0HfPcwvtjQ7cJkCNTvhbYP2UnlYM5EPV9AXO-kfKe9eOaH8x0VK3sWwG4JAQcUbG_3oSxmcKDVQGO1N_AL1413lDWV3jkf9n6mTTFUUXXmxCFTkgR6P-BXcNdoGvbqKT0hE2BsCnw==&ntv_ht=1TWbYwA&ntv_at=303,302&ntv_a=AAAAAAAAAAXLAQA&ord=1671116245368&prx_referrer=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&ntv_it
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.76.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-76-203.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:25 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.thetimestribune.com%2F&pr=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&pid=K1TZtqr0UuAXM&cb=0&ws=1600x1200&v=22.1201.834&t=1200&slots=%5B%7B%22sd%22%3A%22adb_leaderboard_atf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22thetimestribune%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_mediumRectangle_btf1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22thetimestribune%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_mediumRectangle_atf%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22thetimestribune%2Ftotalaudience%22%7D%5D&pubid=50a6bf9e-2e04-48d8-9da3-bf7857460c69&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.187.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-187-204.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
905b0132b58d5da3f804dbafbc6eaaaed5241d1d4773a580ce12db6628c5effc
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 fd3eca2f8c169f9c12ba5177c0bcdfd8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CMH68-P2
x-amz-rid
KZGT5Q0QZRZ4PQ42NF9F
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1392
x-amz-cf-id
TTkUPy6BNCv5-hTy0ecL2MvEJK9K9NS-Ih6aDGpubls3XRK9azqyJQ==
/
adspsp.com/pt/1710310/1/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/1/2/?a=2,a2lbp7gr3m6SoBOGHaeY,8k8CMrwg5x&aa=01CihRyu.gN&b=1//3-2^k8`2i.qy`6y:2@728090^k8`2i.qy`6y,4@540161672^k8`2i.qy`6y,5@11747827^k8`2i.qy`6y,6@6708^k8`2i,8@4627228^k8`2i,10@206470^k8`2i,33@kweVjHUGArBG6hf26MQludWF^qy`6y,33@Wzw8PTIjiCweyzaXnMKNHN27^k8`2i,115@8a969412017373b5acfab636b9130052^k8`2i.qy`6y,187@8a969412017373b5acfab636b9130052^k8`2i.qy`6y_5^8c`6y.8c`go:2@728102^8c`6y,4@540161676^8c`6y,5@11747850^8c`6y,8@4627233^8c`6y,10@206473^8c`6y,33@QelwClNwBTEkTmmySB7CPYkI^8c`6y,115@8a969412017373b5acfab636c35f0057^8c`6y,187@8a969412017373b5acfab636c35f0057^8c`6y_4^8c`6y.8c`go:2@728098^8c`6y.8c`go,4@540161675^8c`6y.8c`go,5@11747838^8c`6y.8c`go,6@6708^8c`go,8@4627231^8c`6y,8@4627234^8c`go,10@206472^8c`6y,10@206472^8c`go,33@0rzKSepXgqC5dUuQI3ZJy4I0^8c`go,33@6dS25Ty7ddFE8mVv0Zcann5W^8c`6y,115@8a969412017373b5acfab636bf190055^8c`6y.8c`go,187@8a969412017373b5acfab636bf190055^8c`6y.8c`go&bu=U21552b65fefb36,adb_leaderboard_atf,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&bu=U351d602d27c31,adb_mediumRectangle_btf1,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&bu=U47ec49b6d6c842,adb_mediumRectangle_atf,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.thetimestribune.com%2F&d=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&f=1.lbp7gq05.1Tsx&g=1T1hn&u=4d97623f:la8xlfqr:31f&v=18g.xc.0.21r.1.0&m=z&rnd=1671116245553
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.190.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-190-9.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
cdb
bidder.criteo.com/ 		0
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=21530290126&lsavail=0
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid
ib.adnxs.com/ut/v3/ 		19 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:25 GMT
AN-X-Request-Uuid
c70868cc-b449-4377-8f18-c99e136cc1e6
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
cnhi-d.openx.net/w/1.0/ 		175 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cnhi-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.thetimestribune.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=adefc92f-0792-4bcf-9756-1d1818210f21%2C1e0d862a-473d-4ac6-86b9-09956134483f%2C08026a57-c9dd-4a63-b3cb-32b38576487e&nocache=1671116245568&gdpr_consent=&gdpr=0&aus=728x90%2C970x250%7C300x250%2C300x600%7C300x250%2C300x600&divids=adb_leaderboard_atf%2Cadb_mediumRectangle_btf1%2Cadb_mediumRectangle_atf&aucs=%252F9869277%252Fcnhi%252Fthetimestribune%252Ftotalaudience%2523adb_leaderboard_atf%2C%252F9869277%252Fcnhi%252Fthetimestribune%252Ftotalaudience%2523adb_mediumRectangle_btf1%2C%252F9869277%252Fcnhi%252Fthetimestribune%252Ftotalaudience%2523adb_mediumRectangle_atf&auid=540161672%2C540161676%2C540161675&aumfs=50%2C50%2C50
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
75b36825110d0c0737bcda9cd8bc1ccf37bfe4abd6dbfe0d78e604a6f8a90cba

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:26 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.thetimestribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		549 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16962&site_id=153062&zone_id=728090%3B728102%3B728098&size_id=2%3B15%3B15&alt_size_ids=57%3B10%3B10&p_pos=atf%3Bbtf%3Batf&gdpr=0&rf=https%3A%2F%2Fwww.thetimestribune.com%2F&tg_i.pbadslot=%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_leaderboard_atf%3B%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_mediumRectangle_btf1%3B%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_mediumRectangle_atf&tk_flint=pbjs_lite_v7.19.0&x_source.tid=adefc92f-0792-4bcf-9756-1d1818210f21%3B1e0d862a-473d-4ac6-86b9-09956134483f%3B08026a57-c9dd-4a63-b3cb-32b38576487e&l_pb_bid_id=BR5a89cff6ea1fc6%3BBR194cc48ec1002ce%3BBR331fa3a703a0c22&p_screen_res=1600x1200&rp_floor=0.06&rp_secure=1&rp_maxbids=1&p_gpid=%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_leaderboard_atf%3B%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_mediumRectangle_btf1%3B%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_mediumRectangle_atf&slots=3&rand=0.19070549877317955
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
aad7616a1ae7320c5f0a52235beafc7340a569d01c47ab0ab18b4817b8c2c263

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thetimestribune.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=1;misc=1671116245572;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627228/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=2;misc=1671116245573;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627233/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=3;misc=1671116245573;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627231/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=4;misc=1671116245573;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627234/0/0/ 		0
0
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=206470&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22R521a0afd1ebb291%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.thetimestribune.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.thetimestribune.com%2F%22%2C%22tmax%22%3A1200%2C%22syncsPerBidder%22%3A5%2C%22pbadslot%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_mediumRectangle_atf%22%2C%22adunitcode%22%3A%22adb_mediumRectangle_atf%22%2C%22divId%22%3A%22adb_mediumRectangle_atf%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22BR103cdd0791dceb1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22206470%22%2C%22fl%22%3A%22x%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22206470%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_leaderboard_atf%22%2C%22tid%22%3A%22adefc92f-0792-4bcf-9756-1d1818210f21%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22BR2543a751ea4dd3c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22206473%22%2C%22fl%22%3A%22x%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22206473%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_mediumRectangle_btf1%22%2C%22tid%22%3A%221e0d862a-473d-4ac6-86b9-09956134483f%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22BR391260e04926a0e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22206472%22%2C%22fl%22%3A%22x%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22206472%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_mediumRectangle_atf%22%2C%22tid%22%3A%2208026a57-c9dd-4a63-b3cb-32b38576487e%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%227f958cd9-3fc8-442e-9c2c-863a001e7de1%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03e696a42da8c84168acd24727c00b9ef6995cf56e890956162808379fb63cc4

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxU41oBg7dqOP4DGuId%2BfYjJeKt1tvQYvb7yglatCwGSnxVci5sLDWmCShYcmNDdSXqU5ViuFddL2585b2u1t%2B2RyvfRTpypMsMsgStrYiXHKG0yVYcze0mzyM6tysbzA3CcR6az"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77a00818c927c40c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
v1
btlr.sharethrough.com/universal/ 		846 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.125.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-125-27.compute-1.amazonaws.com
Software
/
Resource Hash
514d3e966ae3199042a367442b74190a66ea693b6eff710c33fefd9b99119eef

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 14:57:25 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
505
v1
btlr.sharethrough.com/universal/ 		639 B
941 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.125.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-125-27.compute-1.amazonaws.com
Software
/
Resource Hash
68a60df4b87d559decd7f90cb124c5850a21a7e70de83fc4518589ea72cf1881

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 14:57:25 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
393
v1
btlr.sharethrough.com/universal/ 		384 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.125.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-125-27.compute-1.amazonaws.com
Software
/
Resource Hash
042b4bd4cccacb97cf58b80a43fd2b8f0b2178799f229e681522dc3cf98b43e5

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 14:57:25 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
261
v1
btlr.sharethrough.com/universal/ 		732 B
1000 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.125.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-125-27.compute-1.amazonaws.com
Software
/
Resource Hash
d37752edff803410d5d34303f4a550f1874afcfb003cfde0da8988bad8fa73e4

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 14:57:25 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
452
v1
btlr.sharethrough.com/universal/ 		609 B
1009 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.125.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-125-27.compute-1.amazonaws.com
Software
/
Resource Hash
964ca71c069ccd8d603944693464d5c0ac56e547d94d804016db89585a094c82

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 14:57:25 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
461
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636b9130052&cmd=bid&secure=1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
285fd62317c0b8d3e8bcb6ffd638cd922b10ac80122b725b7ecf648383f17323

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636c35f0057&cmd=bid&secure=1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9ccff72abec4cebcf89efafdb43a6fbee38f2287222558e5af4f40d1d6f9ab10

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636bf190055&cmd=bid&secure=1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
cfecd448a2f4010488e30d34344aa392d31a6533e980f98aac0ccbd9b4e36cdf

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		66 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
53cbc16be1f13fb5fee8429b52c9e7a8495935bfaaea29a0dc022010296cb85f

Request headers

Referer
https://www.thetimestribune.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.ssp.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9d6d052075be7dd638db66fa95d19201d9c75512a67f4d5f57ca6bacd18a954a

Request headers

Referer
https://www.thetimestribune.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.ssp.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
89cf4aa7bf7e80c5a8b4b217e47e3c2533ce424ea56633078808022e9fe6bba5

Request headers

Referer
https://www.thetimestribune.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
66
collect
analytics.google.com/g/ 		0
352 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=2oebu0&_p=1089137470&_gaz=1&cid=333536868.1671116245&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=thetimestribune.com%20%7C%20Your%20Life.%20Your%20Paper.&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&sid=1671116245&sct=1&seg=0&dr=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&en=page_view&_fv=1&_ss=1&ep.canonical_url=https%3A%2F%2Fwww.thetimestribune.com%2F&ep.townnews_crm_group_id=13&ep.generator=BLOX&ep.generator_version=1.65.3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=333536868.1671116245&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
error
pixel.quantcount.com/tag/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.quantcount.com/tag/error
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 15 Dec 2022 14:57:25 GMT
access-control-allow-headers
Accept, Accept-Language, Content-Type, Content-Language
content-length
0
access-control-allow-methods
POST, OPTIONS
pixel;r=1876171508;rf=0;a=p-eb6rW8CarLDWY;url=https%3A%2F%2Fwww.thetimestribune.com%2F;ref=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F;uht=2;fpan=1;fpa=P0-1146005079-1671116245201;pbc=;ns=...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1876171508;rf=0;a=p-eb6rW8CarLDWY;url=https%3A%2F%2Fwww.thetimestribune.com%2F;ref=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F;uht=2;fpan=1;fpa=P0-1146005079-1671116245201;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;d=thetimestribune.com;dst=0;et=1671116245638;tzo=0;ogl=type.website%2Curl.https%3A%2F%2Fwww%252Ethetimestribune%252Ecom%2F%2Cimage.https%3A%2F%2Fbloximages%252Echicago2%252Evip%252Etownnews%252Ecom%2Fthetimestribune%252Ecom%2Fcontent%2Ftncms%2Fc%2Cimage%3Awidth.600%2Cimage%3Aheight.315%2Ctitle.thetimestribune%252Ecom%20%7C%20Your%20Life%252E%20Your%20Paper%252E%2Csite_name.The%20Times-Tribune%252Ecom;ses=b5de3114-08ec-4816-b556-45cf3202a8b6
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		1 KB
969 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.167.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-167-180.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d7380dd96a8b87919129a9350fa06f0ce0bea63f622133f9ab48795cc4c1691

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
8txH5wV_fFBeCsycwcKUR9fe9PNa5E52
content-encoding
br
via
1.1 8cfefd272d22e2fc7f6429802eca79b0.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 12:14:18 GMT
x-amz-cf-pop
CMH68-P1
age
9788
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Dec 2022 21:14:10 GMT
server
AmazonS3
etag
W/"ada8a89067e19f1e5de85b349db95e54"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
4xfygIG-cYhGRrY6ptPKXdK2aueuaNyQ6yFO6tKVDIIz8rLRnKg17A==
advertiserwidget.css
cdn-resources.prfct.cc/assets/marketplace/libs/res/r202212140/css/ 		522 B
983 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202212140/css/advertiserwidget.css
Requested by
Host: d1gzrgn7m19oq9.cloudfront.net
URL: https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.thetimestribune.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-69.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6aa7d6173d58dc7930b30df1453ec7da8c039dc42a5280b31550b2935f59951

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 14 Dec 2022 19:58:13 GMT
Via
1.1 788c5a18883f334d0b09e6cda9d22c86.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Dec 2022 19:56:15 GMT
Server
AmazonS3
X-Amz-Cf-Pop
CMH68-P1
Age
68353
ETag
"b325bb01ffc184ad1cb95dcd96959b45"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
522
X-Amz-Cf-Id
tHGggm_jL0xyX-gKKXlFlbkAdXn-vSdFZy3fyGGLvJd_9jESsWsQ1w==
advertiserwidget.js
cdn-resources.prfct.cc/assets/marketplace/libs/res/r202212140/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202212140/js/advertiserwidget.js
Requested by
Host: d1gzrgn7m19oq9.cloudfront.net
URL: https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.thetimestribune.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-69.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe87433fa1130af12f23ff8ecc0fc3dd20d3d3f82bacbaca450b708467965cda

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 14 Dec 2022 19:58:14 GMT
Content-Encoding
gzip
Via
1.1 ea4a33625617615e13496b292edda6d6.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Dec 2022 19:56:16 GMT
Server
AmazonS3
X-Amz-Cf-Pop
CMH68-P1
Age
68352
ETag
W/"818bf56af8bae4d989b6fe947c57fae2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
x_NrDicJbfBBFZ_u4jpWgmJDZjcXRIYegSI3RR8uPlA-rsMfVRIslg==
14055
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 		0
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/14055?t=202211151411
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:25 GMT
last-modified
Tue, 18 Nov 2014 20:18:12 GMT
server
AmazonS3
x-amz-request-id
9CD58BA44485EAC6
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
application/x-javascript
cache-control
max-age=3400
accept-ranges
bytes
content-length
0
x-amz-id-2
Bn/4wd0Jjq0NJrN4DDkqUM4gKKvY3+dZWGZYgzNvbd2Wrn1Tm6hbu8MC6CcYQEVwdiBKh4mk/Rc=
bidRequest
c2shb.ssp.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.thetimestribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.thetimestribune.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 15 Dec 2022 14:57:25 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.ssp.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.thetimestribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.thetimestribune.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 15 Dec 2022 14:57:25 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.ssp.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.thetimestribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.thetimestribune.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 15 Dec 2022 14:57:25 GMT
server
ATS/9.1.10.25
ajs-destination.bundle.f10d3096539d72f6123e.js
cdn.segment.com/analytics-next/bundles/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.f10d3096539d72f6123e.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.167.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-167-180.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d69f268036b3545e930a8b74711a739e7e973debc9bd006841cbd2a558b44432

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 10:07:48 GMT
x-amz-version-id
GapeAhBzKQbN7SroNzUOQhE.t.cdXItE
content-encoding
br
via
1.1 b2e4ee7da1129b64011b5c8c604f1c26.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
age
794978
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 01 Dec 2022 00:37:04 GMT
server
AmazonS3
etag
W/"3fe4d92339c7d21c57f0044fcdcf5274"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
n-TqDAYw7s6zDaNbM2X0W7KcVsI4GUOZlnaK7Ivt07P-qibd59LNDQ==
/
thetimestribune-cnhi-pw.newsmemory.com/ 		88 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thetimestribune-cnhi-pw.newsmemory.com/?meter&service=autologout&ta_MACHINE_ID=f8377f4bfe2bddd2714c92392e406791&r=1671116245925
Requested by
Host: thetimestribune-cnhi-pw.newsmemory.com
URL: https://thetimestribune-cnhi-pw.newsmemory.com/?meter&ta_MACHINE_ID=f8377f4bfe2bddd2714c92392e406791&v=4&r=1867
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.17.34.108 Minneapolis, United States, ASN10242 (USINTERNET, US),
Reverse DNS
Software
Apache /
Resource Hash
550a4d5afbb1c0c9e3dffbf761b2492cf113fc0214b088ec694f310b2277e07d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:26 GMT
Server
Apache
Access-Control-Allow-Methods
GET, POST
Content-Type
text/html
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Expires
Content-Length
88
schemaFilter.bundle.debb169c1abb431faaa6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.167.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-167-180.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 10:41:42 GMT
x-amz-version-id
dykqbV9fN.3WjwLtTkUYnUuE0gq8ICw4
content-encoding
br
via
1.1 b2e4ee7da1129b64011b5c8c604f1c26.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
age
1224944
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 01 Dec 2022 08:07:56 GMT
server
AmazonS3
etag
W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
eWTEV3RObLY9SbJOeQ_J8RDUArWtjLXSFsqVxvHqlL8xBVHY5niASA==
gtm.js
www.googletagmanager.com/ 		126 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNNWDH2
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cece4b4750359db41742b2d940c82e6becd8ddede05bb5526fcf3c41aeb745ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47953
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Dec 2022 14:57:25 GMT
track.gif
a.wishabi.com/ 		0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.wishabi.com/track.gif?aid=editorials&mt=widget&et=load&st=module&t=1671116245962&module_id=27217
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
via
1.1 10119f8e1f785cbedffe9dc0788ea76a.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
x-amz-cf-id
m33V43IBERUtdOnt_TEJeas3rzRg5961UiF3S4fZiS6Dj2s12LZGog==
x-cache
Miss from cloudfront
sprite_icons_6dc7d94.png
www.justapinch.com/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.justapinch.com/images/sprite_icons_6dc7d94.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.10.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.10.211.130.bc.googleusercontent.com
Software
nginx /
Resource Hash
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 13:35:32 GMT
via
1.1 google
last-modified
Tue, 15 Nov 2022 20:27:25 GMT
server
nginx
age
1560114
x-who
gcloud-web-1
content-type
image/png
cache-control
max-age=31536000,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22292
expires
Mon, 27 Nov 2023 13:35:32 GMT
pIStZTHxzaEqIBU5gm4kizZ13LBxBSkCiYTatS7CDpCXo1xfjDflPz28OsJvsp-zCHejK-WgXxcUWx0OAraXhXDEVR-sWw=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/pIStZTHxzaEqIBU5gm4kizZ13LBxBSkCiYTatS7CDpCXo1xfjDflPz28OsJvsp-zCHejK-WgXxcUWx0OAraXhXDEVR-sWw=w300-h170-p-rj-l75
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f49b154dca92f90c7e949fbcf2accbefc5850e0532b31533dc9983ae7d9ca34e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 13:01:24 GMT
x-content-type-options
nosniff
age
6962
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6551
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 16 Dec 2022 01:01:03 GMT
5CqHPUffirt7pMy02WJXSejKXs3kcQWxqi913mmID6N4MeWPbxU1II4vNfK2teoW2ptOkoaTAcdiIBJWtlfXkjSzOEAosg=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/5CqHPUffirt7pMy02WJXSejKXs3kcQWxqi913mmID6N4MeWPbxU1II4vNfK2teoW2ptOkoaTAcdiIBJWtlfXkjSzOEAosg=w300-h170-p-rj-l75
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7848ecb37eb785be48c3148db33fc388a483df51725196271812517acf07ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 11:17:38 GMT
x-content-type-options
nosniff
age
13188
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15117
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 14 Dec 2022 19:16:01 GMT
2ESZx3gAaTGv7ie9Mq9b5hGCfUg6bjjsvkmz9ycywb1186v1EHtGtSfWvyXXX1zMZpk_B8z4tT5UMmqWvNotgv5zxORx=w300-h170-p-rj-l75
lh3.googleusercontent.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/2ESZx3gAaTGv7ie9Mq9b5hGCfUg6bjjsvkmz9ycywb1186v1EHtGtSfWvyXXX1zMZpk_B8z4tT5UMmqWvNotgv5zxORx=w300-h170-p-rj-l75
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
47c0f34429804918e7d8e607dbfae15bd318038bed677f572c87abf263a74766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 13:01:51 GMT
x-content-type-options
nosniff
age
6935
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11441
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 16 Dec 2022 01:01:02 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
widgetinfo
p.cityspark.com/api/widgets/ 		46 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cityspark.com/api/widgets/widgetinfo?wid=1529&callback=jsonp1671117188589
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c6fd0a6857efb7a8b30f34aeb52310fbb3f86fe87488fa60800f92420cd72618

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:25 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
63955135281c5.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/9/34/934f7dc8-7905-11ed-956f-6fcd1b82152b/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/9/34/934f7dc8-7905-11ed-956f-6fcd1b82152b/63955135281c5.image.jpg?resize=133%2C200
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c70acd6df4688836582d1122b88dc7eaeb9be4e903ae1c9caa322da003395afc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
1527
cf-polished
degrade=85, origSize=10374, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
7575
cf-bgj
imgq:85,h2pri
last-modified
Sun, 11 Dec 2022 03:40:38 GMT
server
cloudflare
x-vcache
MISS
etag
"3746c1820e6b2f2633ac6035ae5cd062"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a00819fcc88c99-EWR
expires
Mon, 11 Dec 2023 04:03:20 GMT
639542b02041a.image.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/e/bc/ebc977aa-78fc-11ed-97ac-9fb2c266c668/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/e/bc/ebc977aa-78fc-11ed-97ac-9fb2c266c668/639542b02041a.image.jpg?resize=160%2C200
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70ec0c14822b0ef04f3cea799cce88680cc3500083c9fd9d06145e05a1f4f50d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
1527
cf-polished
qual=85, origFmt=jpeg, origSize=10300
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="639542b02041a.webp"
content-length
7266
cf-bgj
imgq:85,h2pri
last-modified
Sun, 11 Dec 2022 02:38:41 GMT
server
cloudflare
x-vcache
MISS
etag
"2435957fb7337b23915fd0cefc1f98eb"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a00819fccc8c99-EWR
expires
Tue, 12 Dec 2023 22:57:24 GMT
6398ecad3ac4d.preview.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/3/61/36155225-e3e3-53be-98fd-cc386a04e743/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/3/61/36155225-e3e3-53be-98fd-cc386a04e743/6398ecad3ac4d.preview.jpg?resize=149%2C200
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de97601ce6741b820d53a4d10c0bd3e23eef58fe9cb7e5105d046fa023343731
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
145777
cf-polished
qual=85, origFmt=jpeg, origSize=5597
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="6398ecad3ac4d.webp"
content-length
5264
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Dec 2022 21:20:45 GMT
server
cloudflare
x-vcache
MISS
etag
"d315b5e5cf489779b3785629fcedcb29"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a00819fccf8c99-EWR
expires
Wed, 13 Dec 2023 21:28:26 GMT
6397a262d4690.preview.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/6/4f/64fcac26-e215-5598-b370-0e9bc9a2618a/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/6/4f/64fcac26-e215-5598-b370-0e9bc9a2618a/6397a262d4690.preview.jpg?resize=150%2C200
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fd71ff96c2f5347f15fe8e5ebe145b29c04fd12d8eccd60956ceec0827d94a5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
33301
cf-polished
qual=85, origFmt=jpeg, origSize=4205
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="6397a262d4690.webp"
content-length
3432
cf-bgj
imgq:85,h2pri
last-modified
Mon, 12 Dec 2022 21:51:31 GMT
server
cloudflare
x-vcache
MISS
etag
"a8d87ee3fc8322457973717342a56b48"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a00819fcd08c99-EWR
expires
Tue, 12 Dec 2023 21:57:02 GMT
639142039cb26.preview.jpg
bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/6/d2/6d2e270d-c35d-5de8-91c1-711163614e6f/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/assets/v3/editorial/6/d2/6d2e270d-c35d-5de8-91c1-711163614e6f/639142039cb26.preview.jpg?resize=137%2C200
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc23d4f7bfdc55133576a87aef3892601381d9d724aea639c53d6f896a82588f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
strict-transport-security
max-age=604800
cf-cache-status
HIT
age
61075
cf-polished
origSize=6897, status=webp_bigger
cross-origin-resource-policy
cross-origin
content-length
6751
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Dec 2022 01:46:44 GMT
server
cloudflare
x-vcache
MISS
etag
"c4bee4c6bdc7828eb808edfcc0482eb5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noarchive
cf-ray
77a00819fcd18c99-EWR
expires
Fri, 08 Dec 2023 01:54:34 GMT
widget.aspx
video.digi-me.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.digi-me.com/widget.aspx?pID=2299&pub=undefined&hfbc=undefined&hftc=undefined&bbc=undefined&btc=undefined
Requested by
Host: video.digi-me.com
URL: https://video.digi-me.com/widget.js?pID=2299&w=350&h=300
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.202.114.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-114-247.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
01359389845141dd19204f13ff7c4c70406200bed10a9ee390f7757e324c6042

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:25 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
2068
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c15de2b5340a556c099e0154a767d50bd42c3713fe89bd5c2369def7d93767bf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
img/png
skeleton.js
static.adsafeprotected.com/ 		17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/yisee9jC_KWgyn-9XvSa5EbZJEY5eNHMSCSppYowii1L7Selu_02l80
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:4e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 09:24:09 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 b34c59219d5e9dc7c1b640b37c9a84f2.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P2
age
9264798
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
tSQCLhN18dJ1PZrPFi4VLcuAxg1n7EjA0RRqsmhXu4WuNBJps4IBrA==
var=tncms_siteaud
ad.crwdcntrl.net/5/c=6880/pe=y/ 		77 B
312 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.crwdcntrl.net/5/c=6880/pe=y/var=tncms_siteaud
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.194.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-194-90.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
059bc42513157b8af9033f063157dffd7a9a1c6bbc9e4f2b3bc75d52be38863d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/javascript;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.4.166
content-length
77
expires
0
iu3
s.amazon-adsystem.com/ Frame 234C
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&dcc=t
345 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
df950ce0b03bf8be917e11b3085a5f51e5291d77100b6ae717d5ce3f4e14a21d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
345
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 15 Dec 2022 14:57:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
92ZEXAHJ2HW00APQR86Q

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 14:57:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
1HKKM32Z1KYAPSY506CY
p
api.segment.io/v1/ 		21 B
179 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.213.236.150 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-213-236-150.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thetimestribune.com
date
Thu, 15 Dec 2022 14:57:27 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thetimestribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		60 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1400852277535726&correlator=2047624602087067&eid=31070872%2C31071151%2C31071221%2C31071125&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cthetimestribune%2Cweatherhousead%2Ctotalaudience&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4&prev_iu_szs=120x60%2C728x90%7C970x250%2C300x250%2C300x250%7C300x600&ifi=1&adks=3096272539%2C1835997238%2C2515456194%2C2018067250&didk=4086179324~3574856534~1929228636~316363514&sfv=1-0-40&fsbs=1%2C1%2C1%2C1&prev_scp=pos%3Datf%26adb_imp%3D1%7Cpos%3Datf%26amznbid%3D1vpsxz4%26amznp%3D1ujco3k%26amzniid%3DJF4Erp9WymBmNGAl3B0I5_sAAAGFFkpMIAEAAAJYAQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICBmTVB5%26amznsz%3D728x90%26adb_imp%3Dlzyes%2C1%26adb_bdr%3Dnone%7Cpos%3Dbtf1%26amznbid%3D152vx8g%26amznp%3D1ujco3k%26amzniid%3DJBgK77BzhA69DySWflYHj3cAAAGFFkpMIAEAAAJYAQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICBga4cZ%26amznsz%3D300x250%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone%7Cpos%3Datf%26amznbid%3Dnblwqo%26amznp%3D1ujco3k%26amzniid%3DJPPC88NZNuBwZtiLuv1slBEAAAGFFkpMIAEAAAJYAQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICDFET4U%26amznsz%3D300x250%26adb_imp%3Dlzyes%2C1%26adb_bdr%3Dnone&eri=1&cust_params=section%3Dhomepage&sc=1&cookie_enabled=1&abxe=1&dt=1671116246863&lmt=1671115919&dlt=1671116244024&idt=886&adxs=145%2C120%2C120%2C1180&adys=72%2C166%2C1648%2C334&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thetimestribune.com%2F&ref=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&frm=20&vis=1&psz=433x0%7C1360x30%7C300x10%7C300x10&msz=120x0%7C1360x20%7C300x0%7C300x0&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=333536868.1671116245&ga_sid=1671116247&ga_hid=1089137470&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f99cfcf453ddc38ef33adeab5c45b48b9d20f0d6c0ded3059acdd805c99d818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14682
x-xss-protection
0
google-lineitem-id
-2,-2,4546508615,4546028776
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,138260249441,138260249498
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 12F8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 14:57:26 GMT
expires
Fri, 15 Dec 2023 14:57:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ui-bg_flat_75_ffffff_40x100.png
code.jquery.com/ui/1.10.4/themes/smoothness/images/ 		260 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.jquery.com/ui/1.10.4/themes/smoothness/images/ui-bg_flat_75_ffffff_40x100.png
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/live/libraries/flex/components/site/resources/styles/jquery-ui.css?_dc=1528384434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
91411b5954162a3763020415863fec17438020e287ec1822dd99bbf07e6cf991

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
x-sp-metadata
HS256.COaH7ZwGEqABCiQ3ZjMwZjVlOC0wN2IwLTRjODktOTc3OC05MGE0MjdlZTE0NTgQ+OiCoKvU+wIaBgjW6+ycBiIlMmEwZDo1NjAwOjI0OjE0MDA6MTAxMTplOTAzOmU5ZmY6YjVjZCisngIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDMxZTAyNGQ1LThmZWUtNGM4NS1iNzVhLWNlYzUwNGQyZGY3NBiEAg==.Kn1Bv4XEIjgS9vdLHot/ENl3R8YhDsdMN3hdzinJTsw=
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
"28feccc0-104"
x-hw
1671116246.dop046.ny3.t,1671116246.cds239.ny3.hn,1671116246.cds241.ny3.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
260
ui-icons_454545_256x240.png
code.jquery.com/ui/1.10.4/themes/smoothness/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.jquery.com/ui/1.10.4/themes/smoothness/images/ui-icons_454545_256x240.png
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/live/libraries/flex/components/site/resources/styles/jquery-ui.css?_dc=1528384434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f1f7b44bca6fa1be603ce2616c3a100f43ad9c5bbb2527a645326065b43c3dfa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
x-sp-metadata
HS256.COaH7ZwGEqABCiQ1OWYzZDAwNy00NWRkLTQxZDUtYTVjOC1lYTNjZDdmZmQzNGYQ+OiCoKvU+wIaBgjW6+ycBiIlMmEwZDo1NjAwOjI0OjE0MDA6MTAxMTplOTAzOmU5ZmY6YjVjZCisngIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDUyNTE2MTc2LTNlNzctNDEzMC1iNmFmLWFmNjExZTEwYzMzOBi9Ng==.U9+fV2OY+x5M7SiiX25HtFQ6vDy5mHOayxkWYBh8t44=
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
"28feccc0-1b3d"
x-hw
1671116246.dop046.ny3.t,1671116246.cds239.ny3.hn,1671116246.cds236.ny3.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
6973
ui-icons_888888_256x240.png
code.jquery.com/ui/1.10.4/themes/smoothness/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://code.jquery.com/ui/1.10.4/themes/smoothness/images/ui-icons_888888_256x240.png
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thetimestribune.com/content/tncms/live/libraries/flex/components/site/resources/styles/jquery-ui.css?_dc=1528384434
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
cc765c2c6c219c6082e91d06ddf23142ebe46f856560a0deda8f04f1c7f03691

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bloximages.chicago2.vip.townnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:26 GMT
x-sp-metadata
HS256.COaH7ZwGEqABCiQ1ZDZkYzVjOC0zMjgzLTQ4NTMtYmJiMi0yYzg3Y2YzZWYzZTAQ+OiCoKvU+wIaBgjW6+ycBiIlMmEwZDo1NjAwOjI0OjE0MDA6MTAxMTplOTAzOmU5ZmY6YjVjZCisngIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDhiN2ViODNmLTc4YWEtNDI5YS05MTk2LWEwMTVmNmM4MDkyZRiENw==.WCdtT7Hh19KgOVTILNNpsYlndNLCxX+jTIRVCucJe+A=
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
"28feccc0-1b84"
x-hw
1671116246.dop046.ny3.t,1671116246.cds239.ny3.hn,1671116246.cds044.ny3.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
7044
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=cnhi.com&p=%2F&u=B3M7pdzDS-QBdMv1e&d=thetimestribune.com&g=34377&g0=thetimestribune.com&g1=No%20Author&n=1&f=00001&c=0.01&x=0&m=0&y=8990&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&PA=https%3A%2F%2Fwww.thetimestribune.com%2F&b=3329&t=BMbHjLBMJCgsBSUJ6KB6TmYrBbvk_W&V=139&i=thetimestribune.com%20%7C%20Your%20Life.%20Your%20Paper.&tz=0&sn=1&sv=JlrDuCkxetVDF2JozhRJGrCktMmU&sr=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&sd=1&im=061b2ffa&_
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.49.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-49-203.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:27 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
v2
api.viafoura.co/v2/www.thetimestribune.com/bootstrap/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thetimestribune.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4800:250:51f2:8e30:528d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f21d2da86841eef4c55602a692440536771156c16f1305ffb93deb214b371d52

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-0c59bdb933317007e
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thetimestribune.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Thu, 15 Dec 2022 14:57:27 GMT
v2
api.viafoura.co/v2/www.thetimestribune.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thetimestribune.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4800:250:51f2:8e30:528d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thetimestribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.thetimestribune.com
access-control-max-age
1728000
cache-control
max-age=0
date
Thu, 15 Dec 2022 14:57:27 GMT
expires
Thu, 15 Dec 2022 14:57:27 GMT
server
nginx/1.18.0 (Ubuntu)
publishertag.prebid.130.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Dec 2022 14:57:27 GMT
/
adspsp.com/pt/1710310/11/3/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/11/3/?a=2,a2lbp7gr3m6SoBOGHaeY,8k8CMrwg5x&aa=01CihRyu.gN&b=0,1,2,3,4,5:2,6,,9i:7,8,,cK:9,a,,64:b,c,,75:d,e,,73:f,g,,6X:h,i,,86:h,j,,86:k,l,,d4:m,l,,cL&b=0,1,9,n,o,5:2,p,,9i:7,q,,cK:9,r,,64:d,s,,73:f,t,,6X:h,u,,87:k,v,,d4:m,v,,cL&b=0,1,7,w,x,5:2,y,,9i:7,z,,cK:9,A,,64:b,c,,76:d,B,,73:d,C,,73:f,D,,6X:f,D,,6X:h,E,,87:h,F,,87:k,G,,d4:m,G,,cL&bi=1,A181ac210903d1c7,2,U21552b65fefb36,adb_leaderboard_atf,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience,728090,4,540161672,5,11747827,6,6708,8,4627228,10,206470,33,kweVjHUGArBG6hf26MQludWF,Wzw8PTIjiCweyzaXnMKNHN27,115,8a969412017373b5acfab636b9130052,187,U351d602d27c31,adb_mediumRectangle_btf1,728102,540161676,11747850,4627233,206473,QelwClNwBTEkTmmySB7CPYkI,8a969412017373b5acfab636c35f0057,U47ec49b6d6c842,adb_mediumRectangle_atf,728098,540161675,11747838,4627231,4627234,206472,0rzKSepXgqC5dUuQI3ZJy4I0,6dS25Ty7ddFE8mVv0Zcann5W,8a969412017373b5acfab636bf190055&e=&c=https%3A%2F%2Fwww.thetimestribune.com%2F&d=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&f=1.lbp7gq05.1Tsx.2T252&g=2T2n5&u=4d97623f:la8xlfqr:31f&v=18g.xc.0.6y6.1.0&m=z&rnd=1671116247046
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.190.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-190-9.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
flyermodules
api.circularhub.com/ Frame 1BE5 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.circularhub.com/flyermodules?key=5d82d3b5b94cbe5b&t=1671116247063&campaignId=&engaged_flyers=&mtypeid=27217&callback=__flipp_module_callback
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-44.cmh68.r.cloudfront.net
Software
nginx /
Resource Hash
3e8ed004904982da9c027afc46c23b2ec1b1f0504b98e2f7f3278584c5e361ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
via
1.1 773037e393cd6076bf819021d17f11ea.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
x-cache
Miss from cloudfront
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
status
200 OK
content-length
2215
x-request-id
a9518ad59055999c8da00d9bb8c837e0
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.370568
server
nginx
etag
W/"9a8dc966ead0e7d33c91031298ced2f6"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
x-amz-cf-id
KFoAqCVMO_UwpWTNx2cEWXp8RfeWgSZyzgF-C_3WDdN9mQgmgATCNw==
x-rack-cache
miss
wid_iframe.html
a.wishabi.com/sync/ Frame D1B9 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a.wishabi.com/sync/wid_iframe.html
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
/
Resource Hash
0a75a24eb7d1cb855611174482489741928526514df4e2a17eecde39c2cce489

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
1578
date
Thu, 15 Dec 2022 14:57:27 GMT
via
1.1 10119f8e1f785cbedffe9dc0788ea76a.cloudfront.net (CloudFront)
x-amz-cf-id
vsfdcfJR3p3NVNUxZJoq2dCF4Ibtf4zP67X0ZEI7f8z_LFjkEX_LYA==
x-amz-cf-pop
CMH68-P1
x-cache
Miss from cloudfront
analytics.js
www.google-analytics.com/ Frame 86CC 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 14:44:14 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
793
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 15 Dec 2022 16:44:14 GMT
WidgetTemplate.min.css
csp.azureedge.net/cdn/widget/ Frame 86CC 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/widget/WidgetTemplate.min.css?v=4
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:76f8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
029086d89d5b475ab8cb71cb223c502ba19980692d60958dcfd6571aed75d98f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 22:43:11 GMT
server
Microsoft-IIS/10.0
etag
"1d8a39c948e0e87"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3242
angular.min.js
cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/ Frame 86CC 		233 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/angular.min.js
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d227fc8d96c990b39a45dcc150fd5865c7eea4bcba1993e5c0d697ef18186017
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23261728
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19155-FRA, cache-ewr18131-EWR
server
cloudflare
etag
W/"3a3d1-mQhO7M4PisJK9aOZxo7KSLWf0fo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXGF%2BEXdos7jLYEqXEF2tzyxUwnB6jaSQ9TuzNHZokb2X4SV8Kk7IcFLCJs8jQdS%2B3l7sLWLozvhIvCcEJAOijVIDX%2F4vzookqdgPa0ckRYXrYdZ%2Fmo0JNZQX8EqnDQD1VeSB3L1epeFZaEM%2BCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
77a008230ffe19f3-EWR
widgetcombined2.min.js
csp.azureedge.net/cdn/widget/ Frame 86CC 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/widget/widgetcombined2.min.js?v=7
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:76f8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
92463b9d2cd139c4a84d9e0a7c4bdb6a2f6623eb7e0fe6614afbfc441e94fd99

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 22:43:11 GMT
server
Microsoft-IIS/10.0
etag
"1d8a39c948e3231"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3738
p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame 86CC 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:27 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 40BB 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f09d8801db1f96c2758655ca4675b62e5ff649fd736bef36396c9bdcdcf57cf0
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2331
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 15 Dec 2022 14:57:27 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
2RXRD298QDW3PGWC5THC
thirdpartycookie
api.viafoura.co/v2/www.thetimestribune.com/ 		45 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thetimestribune.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4800:250:51f2:8e30:528d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-instance-id
i-0d571da4af9dd747e
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thetimestribune.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Thu, 15 Dec 2022 14:57:27 GMT
v2wsy0t-aF2NbfDeOmIjHWHfKzCahtDj4dkg5xttxu03zLLWH0kSuvuMC-B3nQObdV1BL_mH2Ag
bandborder.com/ 		183 B
210 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2wsy0t-aF2NbfDeOmIjHWHfKzCahtDj4dkg5xttxu03zLLWH0kSuvuMC-B3nQObdV1BL_mH2Ag
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/yisee9jC_KWgyn-9XvSa5EbZJEY5eNHMSCSppYowii1L7Selu_02l80
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
4344703c2e9d211cfd950a5b6fea61c1eae0a9b5f13b2aaeb7487f4ec3bd2ebb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 15 Dec 2022 14:57:27 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
183
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
x-hostname
fen-hoothoot-us-east1-spot-q1h3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Thu, 15 Dec 2022 14:57:26 GMT
truncated
/ Frame 86CC 		297 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
063fb28b8ff592dc368b419fc355502c77fb9fcdff50af9418a1b482025aa5d7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
icomoon.woff
csp.azureedge.net/cdn/widget/fonts/ Frame 86CC 		0
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 16 Dec 2022 14:57:27 GMT
/
p.adsymptotic.com/d/px/ Frame 1BE5
Redirect Chain
  • https://idsync.rlcdn.com/398526.gif?partner_uid=null
  • https://idsync.rlcdn.com/1000.gif?memo=CL6pGBIPCgsIARCqdhoEbnVsbBAAGg0I1-vsnAYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=6f1bf7b78dc6038c072e7467ceb942f6fedd36fe2b978f0dede8bcc49aa74c2d791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=6f1bf7b78dc6038c072e7467ceb942f6fedd36fe2b978f0dede8bcc49aa74c2d791426b5417dce21&rand=07895132
  • https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=6f1bf7b78dc6038c072e7467ceb942f6fedd36fe2b978f0dede8bcc49aa74c2d791426b5417dce21&_pu
  • https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=6f1bf7b78dc6038c072e7467ceb942f6fedd36fe2b978f0dede8bcc49aa74c2d791426b5417dce21&_pu&_expected_cookie=c0c5a...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=6f1bf7b78dc6038c072e7467ceb942f6fedd36fe2b978f0dede8bcc49aa74c2d791426b5417dce21&_pu&_expected_cookie=c0c5ab599a00f4401fc275e4ea5f4c4e
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Thu, 15 Dec 2022 14:57:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
77a0082b09bdc356-EWR
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=10339&_psign=f79776ac7a290c8b1b2a94bd7ad5f0ce&_puuid=6f1bf7b78dc6038c072e7467ceb942f6fedd36fe2b978f0dede8bcc49aa74c2d791426b5417dce21&_pu&_expected_cookie=c0c5ab599a00f4401fc275e4ea5f4c4e
date
Thu, 15 Dec 2022 14:57:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
77a0082a0ff0c356-EWR
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame B69E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_WroNQgsZf_uAmzTVrGd_r7zin6K_5myoqGgHCaccKBZPr188aO8eiLhkKUr_AQK1hRhFdEiYIxVL1kNaHluNEPqtM0CVyi-dcNb-ck8gKhwMN3LbKILNZHexo4QUZUuhsPi3nfsJn_7xBqzEgIReWuItDmALF6Z0Vtk0akGGbRg5Ls8QhTAZxi0RvScyiqrmYKirhTaGXS_KpoTtqkJpEr6n-NbTZw_nk7dOcc6VJp4HA0qgPL2oC44jxxqHTPnR4_c0plvWnymykiKQAzzKjRvp5QMaaYpmJJuumMt5cAecLQWl-a1-TVSZJ0w2PR8MktWENdj7H6AjxLM69yr7hdJsEr8Lhh67OlRwknXmeyIku7VdkI4SKzwqZQ&sai=AMfl-YTGnqIAUrKfCa6LZ1_oUorFN0jcZLtBLgDcH7feJd3sKpTBXsk9SHT0oss6fC-ODMBIIEprBnrryy0FHmGnxxDn9b8HfqcDMKyE3kVr75CULsy5e79mWHgC56wHiArqTS9Yp8ueSz_PUjO0pf2gg3w&sig=Cg0ArKJSzGY-kvv_eVsBEAE&uach_m=[UACH]&adurl=
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 14:57:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame B69E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:15:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
63738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:15:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B69E 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 14:57:27 GMT
10053456317451261781
tpc.googlesyndication.com/simgad/ Frame B69E 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10053456317451261781
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d06c7bc1373c95dc27de8b849f8da7248a983fa8ddf1d9c59a2d1cc9c0b207fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 12:06:58 GMT
x-content-type-options
nosniff
age
96629
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108102
x-xss-protection
0
last-modified
Sat, 16 Feb 2019 22:37:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Dec 2023 12:06:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A419 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu92cwKlBTQep5L5EcXtWRQv07DcHcludUhqGHqgKRZOo3oPH6AHdvTU_YO-0h9T8mHm9l4w6LE1zMwYT0VykuUDXfPQKnYRyD-Zpsw5HUkRCA8l2-xdXl0E4skcGlxWrVBS6j354q1YKmaht20b71culL9XLT9_xd7G5hGVCnsuMlpWagom5jcJPY0pfk-KLJpyBdYHWqqkn-Mlc1uDeSRvgjEpCOT1hASlyCjUdYb1OepX7iuaqy1EZJw-JHupGTIiAMmimtZMOySmHUh7JbCoy561M8fuahHgTfCF9hEvhKHD8ensQT5SQRGKDdVAN-4pfDkFePKui2qTgFPzfcYJQKplfMuF52B6x0alBo_y2Z6l3nb5vo53IV_9w&sai=AMfl-YRGSEjuBu7bvA-IXiDS3P8qk91ERwuKUTxVyZMS9-DBgJmC4sgI6MblaAwvJvPZvFCbRaucR9E2M9x6g6vV4Jcl2CQGxzJkBmfHwslLS67CEvzG7UQZpnN3NtxZsVGZBV-_TvQDs76-I68znWm5eEw&sig=Cg0ArKJSzPclqmEVsor5EAE&uach_m=[UACH]&adurl=
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 14:57:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A419 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:15:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
63738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:15:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A419 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 14:57:27 GMT
13081235425497665555
tpc.googlesyndication.com/simgad/ Frame A419 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13081235425497665555
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d06c7bc1373c95dc27de8b849f8da7248a983fa8ddf1d9c59a2d1cc9c0b207fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 13 Dec 2022 19:54:41 GMT
x-content-type-options
nosniff
age
154966
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108102
x-xss-protection
0
last-modified
Sat, 16 Feb 2019 22:45:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Dec 2023 19:54:41 GMT
truncated
/ Frame B69E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1b3b08263cd160f119b53ce6ea8a44822edb51ee16af4155a6245b917db178f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A419 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f378a8adc90da1f4b8f6d36ec39dc87ac267fc43d765e3b3cfe7597f87510350

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame 40BB
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=39610da3
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=39610da3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B1B26Z087VXJP026XRKD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 14:57:27 GMT
via
1.1 272c2d99c78297585ae7d3f10956c25a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CMH68-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=39610da3
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
hRXhEr0EccD5bT-30i5Gg9AviAq3OFawlxlTlkJ1J43pIVD-pmiCpw==
ecm3
s.amazon-adsystem.com/ Frame 40BB
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=EE7C2CD6447D4FB782121DE57AC7E703&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=EE7C2CD6447D4FB782121DE57AC7E703&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QXTNQCQX4J3EEGR7GJGQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 14:57:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=EE7C2CD6447D4FB782121DE57AC7E703&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Dec 2022 14:57:27 GMT
ecm3
s.amazon-adsystem.com/ Frame 40BB
Redirect Chain
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=4b03b005-7935-4f69-8c20-44671a57d39c
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=4b03b005-7935-4f69-8c20-44671a57d39c
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XPYNWG8GA62PSV7G38F3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=4b03b005-7935-4f69-8c20-44671a57d39c
access-control-allow-origin
*
date
Thu, 15 Dec 2022 14:57:28 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
ecm3
s.amazon-adsystem.com/ Frame 40BB
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3141178480815869000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3141178480815869000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PMEHNK8HCQRRW4ZZED52
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3141178480815869000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Thu, 15 Dec 2022 14:57:28 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.thetimestribune.com%2F&pr=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&pid=K1TZtqr0UuAXM&cb=1&ws=1600x1200&v=22.1201.834&t=1200&slots=%5B%7B%22sd%22%3A%22adb_mediumRectangle_btf2_flex%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22thetimestribune%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_leaderboard_mid%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22thetimestribune%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_mediumRectangle_btf3_flex%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22thetimestribune%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_leaderboard_btf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22thetimestribune%2Ftotalaudience%22%7D%2C%7B%22sd%22%3A%22adb_floorboard%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22thetimestribune%2Frichmedia%22%7D%5D&pubid=50a6bf9e-2e04-48d8-9da3-bf7857460c69&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.187.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-187-204.cmh68.r.cloudfront.net
Software
Server /
Resource Hash
800ffb0c3649308cb18b434a52318abd6bbfdce908a3c5c3867aba4877c953f9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 fd3eca2f8c169f9c12ba5177c0bcdfd8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CMH68-P2
x-amz-rid
CS4A8PVQSQZW3SRMS94G
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2100
x-amz-cf-id
CxA2A-61PtoA8-PBGFPUhclQLdITAVdofVaWgJ2Wl4UoA0hNFOuznQ==
icomoon.ttf
csp.azureedge.net/cdn/widget/fonts/ Frame 86CC 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/widget/fonts/icomoon.ttf?-35bf
Requested by
Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate.min.css?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:76f8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
745d298c124bd38392bcef5d3d707004d15989870c3889a50cea881568b585eb

Request headers

Referer
https://csp.azureedge.net/cdn/widget/WidgetTemplate.min.css?v=4
Origin
https://www.thetimestribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
last-modified
Fri, 29 Jul 2022 22:43:11 GMT
server
Microsoft-IIS/10.0
etag
"1d8a39c948e2e10"
x-powered-by
ASP.NET
content-type
application/x-font-ttf
access-control-allow-origin
*
accept-ranges
bytes
content-length
1936
intl-messageformat.08ed488acce68af5427e.js
cdn.viafoura.net/chunks/vendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.08ed488acce68af5427e.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f7:1000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3c5ed5fd477a4a8faf9f047c18714c3220ef3d420a5ff283cc5d88e1590dfda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:39:39 GMT
x-amz-version-id
6SRSejxlfOHgTpEXP0wss4KIr_NIAedw
content-encoding
br
via
1.1 abcdd9ead509c6f31d96ed9f797fd698.cloudfront.net (CloudFront)
age
69469
x-amz-cf-pop
CMH68-P1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 14 Dec 2022 19:39:05 GMT
server
AmazonS3
etag
W/"1b94bcc4f08423a7f6093908cbf33ad7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
yX5_NwuN3Tx2Sm-90Xr6iNO5mpTnVv0fESrbzE5zfb9yJJ73zHEm1Q==
intl-messageformat.f699e602dfe83ef24fdf.js
cdn.viafoura.net/chunks/languages/ 		135 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.f699e602dfe83ef24fdf.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f7:1000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c6495519c43cfcc35288071e3a44562329d08c3e9d4436638fc8c21ae166675b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:39:39 GMT
x-amz-version-id
4qsmn.d6ilYlmyz7C_JyMIgspA4krB5y
via
1.1 abcdd9ead509c6f31d96ed9f797fd698.cloudfront.net (CloudFront)
age
69469
x-amz-cf-pop
CMH68-P1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Wed, 14 Dec 2022 19:38:57 GMT
server
AmazonS3
etag
"8cf6203079b3b340aefefb88dc916fba"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
-t2ZdbvKurI0DMoWTajzrifKw1tzwtF3w7Q8PYul8O67llCzFza2FA==
en-us-base-json.e6591103383cc0edc5dc.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.e6591103383cc0edc5dc.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f7:1000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5608b0639585c425a4e3377ac9f9d987eea1c26d9cb12c1a1d7f46b4f5fdecb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:39:39 GMT
x-amz-version-id
z.kxT29WShjWywM.WRjS5mA3RRPBSdrN
content-encoding
br
via
1.1 abcdd9ead509c6f31d96ed9f797fd698.cloudfront.net (CloudFront)
age
69469
x-amz-cf-pop
CMH68-P1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 14 Dec 2022 19:38:50 GMT
server
AmazonS3
etag
W/"18748a1c1f7924636a9aced117719e6f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
45NlB7AM9z34tsB6rG5pzw_-EV218-zfcUQ5sblqTo8cltbfZ1sEdw==
amzns2s
rtb.gumgum.com/usync/ Frame F06A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.97.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-97-245.compute-1.amazonaws.com
Software
nginx /
Resource Hash
36846467a1232f96f502b25fc37a3fb50360202f189e0e2520e920b68a455010

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 15 Dec 2022 14:57:27 GMT
etag
W/"097fa1f838f9b01822595542922a0028a"
server
nginx
timing-allow-origin
*
/
match.sharethrough.com/jwumXNuB/v1/ Frame 7AF2 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.32.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-32-205.compute-1.amazonaws.com
Software
/
Resource Hash
4220460db38d6f83d385330923c8acadcaa289b3752a7f140ceb7c0720234e5d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
427
date
Thu, 15 Dec 2022 14:57:27 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 342D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.240.200 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59348
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 14:57:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 16 Dec 2022 07:26:36 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 7BE1 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 14:57:27 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 09CF
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=9b4861934ab161e&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHyc6i5UI1qwMd1-RjAAAAAAA&expiration=1671202648&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHyc6i5UI1qwMd1-RjAAAAAAA&expiration=1671202648&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CT442E030NKN5RXPCVR0

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Thu, 15 Dec 2022 14:57:28 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHyc6i5UI1qwMd1-RjAAAAAAA&expiration=1671202648&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
amazon
ap.lijit.com/beacon/ Frame 014F
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_gg_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-Azerion_n-MediaNet_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
412b546a52d1c7300e61502b17eb5636750f3d105d08b41f0d11cb1f8239fe44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
1238
Content-Type
text/html
Date
Thu, 15 Dec 2022 14:57:27 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap5ewr1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Thu, 15 Dec 2022 14:57:27 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap5ewr1
/
adspsp.com/pt/1710310/1/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/1/2/?a=2,a2lbp7gr3m6SoBOGHaeY,8k8CMrwg5x&aa=01CihRyu.gN&b=2//5-6^8c`6y.8c`go:2@728106^8c`6y,4@540161677^8c`6y,5@11747857^8c`6y,8@4627232^8c`6y,10@206474^8c`6y,33@RdDNDHspumwjeZ0rUNnd0pI3^8c`6y,115@8a969412017373b5acfab636c1720056^8c`6y,187@8a969412017373b5acfab636c1720056^8c`6y_14^k8`2i.qy`6y:2@843112^k8`2i.qy`6y,4@540161674^k8`2i.qy`6y,5@12812950^k8`2i.qy`6y,6@6708^k8`2i,6@6708^qy`6y,10@213819^k8`2i,10@213819^qy`6y,33@ccVECva4DSFcmufUCsC4hRze^qy`6y,33@RhAhHL3X0jLoZaEznwQUyb71^k8`2i,115@8a969412017373b5acfab636bb140053^k8`2i.qy`6y,172@CNHI^k8`2i.qy`6y,187@8a969d5c017e7ef9c845ff66b77e0091^k8`2i.qy`6y_7^8c`6y.8c`go:2@728120^8c`6y.8c`go,4@540161678^8c`6y.8c`go,5@11747862^8c`6y.8c`go,6@6708^8c`go,8@4627235^8c`6y,8@4627238^8c`go,10@206475^8c`6y,10@206475^8c`go,33@dud0WW7nNOo36hYmTXQelFuy^8c`6y,33@GHSbYsaobKCFcdXjiEKcq6Z3^8c`go,115@8a969412017373b5acfab636c7530059^8c`6y.8c`go,187@8a969412017373b5acfab636c7530059^8c`6y.8c`go_3^k8`2i:2@728094^k8`2i,4@540161673^k8`2i,5@11747832^k8`2i,6@6708^k8`2i,6@6708^qy`6y,8@4627229^k8`2i,10@206471^k8`2i,10@206471^qy`6y,33@PDDWminnzbApknGlqgkxpZCm^k8`2i,115@8a969412017373b5acfab636bb140053^k8`2i,172@CNHI^k8`2i,187@8a969412017373b5acfab636bb140053^k8`2i_11^qy`2i.k8`2i:2@1061360^qy`2i.k8`2i,4@540327076^qy`2i.k8`2i,5@11908123^qy`2i.k8`2i,6@6708^k8`2i,6@6708^qy`2i,8@4955987^k8`2i,8@4955988^qy`2i,10@302372^k8`2i,10@302373^qy`2i,33@4toHxb5i3eKGPsfolJ10gLL8^k8`2i,33@ZKnbpUBWqDmzqbvOMugL6P14^qy`2i,115@8a969412017373b5acfab636ad1b004e^qy`2i.k8`2i,187@8a969412017373b5acfab636ad1b004e^qy`2i.k8`2i&bu=U86e61d76052531f,adb_mediumRectangle_btf2_flex,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&bu=U89f3a7d06105028,adb_leaderboard_mid,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&bu=U901242f55550ac,adb_mediumRectangle_btf3_flex,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&bu=U91ae685475f98b8,adb_leaderboard_btf,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&bu=U92d68c11cf20ac,adb_floorboard,%2F9869277%2Fcnhi%2Fthetimestribune%2Frichmedia&e=&c=https%3A%2F%2Fwww.thetimestribune.com%2F&d=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&f=1.lbp7gq05.1Tsx.2T252&g=2T387&u=4d97623f:la8xlfqr:31f&v=18g.xc.0.6yo.1.0&m=z&zi=adb_weather_atf,weatherhousead,0,adb_leaderboard_atf,totalaudience,2,U21552b65fefb36,adb_mediumRectangle_btf1,5,U351d602d27c31,adb_mediumRectangle_atf,4,U47ec49b6d6c842&z=0,1,2,2:.,1,120x0,ax,420.0,0,007z&z=3,4,5,6:.,1,1360x20,ax,44c.0,k,007z&z=7,4,8,9:.,1,2,b6,219r.0,cf,0088&z=a,4,b,c:.,1,2,b6,499.0,k,0088&rnd=1671116247804
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.190.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-190-9.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
prebid
bids.concert.io/bids/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.concert.io/bids/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.126.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.126.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
e09ed6b90ea7e38a34195ce97def0158471006fc7c50dbacfcb4d96b3d4eb7bf

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
content-encoding
gzip
via
1.1 google
x-lat-long
40.712775,-74.005973
x-powered-by
Express
x-region
US
x-city
New York
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-response-time
350.935ms
server
Google Frontend
etag
W/"257d-hzdZnN/zoPKab591Vl1A9JxksDE"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
x-cloud-trace-context
1d260b04ade3bbe06c5f96cc4ed285ee/3216431194753279628
cache-control
private
access-control-allow-credentials
true
x-region-subdivision
USNY
pbjs
htlb.casalemedia.com/openrtb/ 		39 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=206474&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22R17094050711b9c7e%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.thetimestribune.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22ls%22%3Afalse%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%227.19.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.thetimestribune.com%2F%22%2C%22tmax%22%3A1200%2C%22syncsPerBidder%22%3A5%2C%22pbadslot%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Frichmedia%23adb_floorboard%22%2C%22adunitcode%22%3A%22adb_floorboard%22%2C%22divId%22%3A%22adb_floorboard%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22BR101e8e8798d554fb%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22206474%22%2C%22fl%22%3A%22x%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22206474%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_mediumRectangle_btf2_flex%22%2C%22tid%22%3A%2266186360-56ff-4517-9db2-36f2866cc459%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22BR115b942a35f84671%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22213819%22%2C%22fl%22%3A%22x%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22213819%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_leaderboard_mid%22%2C%22tid%22%3A%220744d515-fe85-479c-b84b-2b843d57784f%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22BR1295ad122242de52%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22206475%22%2C%22fl%22%3A%22x%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22206475%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_mediumRectangle_btf3_flex%22%2C%22tid%22%3A%22a7bc9e04-2c4a-457a-a938-45e837e86518%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22BR143fcfebe21b9cad%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22206471%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_leaderboard_btf%22%2C%22tid%22%3A%22394b79e0-df50-4df5-9185-32b62084acfc%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22BR158c0c109cce4071%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22302372%22%2C%22fl%22%3A%22x%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22302373%22%2C%22fl%22%3A%22x%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Frichmedia%22%2C%22gpid%22%3A%22%2F9869277%2Fcnhi%2Fthetimestribune%2Frichmedia%23adb_floorboard%22%2C%22tid%22%3A%22ccee666a-7f4f-42ed-8889-383444fa3a28%22%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22tid%22%3A%2227f65693-f808-48d4-bbad-2cb649a85451%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c384008bdfeaa533aae168a9ebbdd7668354b462137e9ed35384a0d65ebf2e9

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNEqUG1FQDRVKRa53sXaerdzM6DUZsLfa2X%2FiBk8uor3IDLSizg6JgC0nDWasy4IcdfxOI1Uu70LR2l3GTggoEDWW%2F2AhpO6ZQxh1yVmH5aaT4rAyatpTCEA7xw9s6CppwhlCDlO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77a0082518df0ccd-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39
expires
0
arj
cnhi-d.openx.net/w/1.0/ 		174 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cnhi-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.thetimestribune.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=66186360-56ff-4517-9db2-36f2866cc459%2C0744d515-fe85-479c-b84b-2b843d57784f%2Ca7bc9e04-2c4a-457a-a938-45e837e86518%2C394b79e0-df50-4df5-9185-32b62084acfc%2Cccee666a-7f4f-42ed-8889-383444fa3a28&nocache=1671116247812&gdpr_consent=&gdpr=0&aus=300x250%2C300x600%7C728x90%2C970x250%7C300x250%2C300x600%7C728x90%7C970x90%2C728x90&divids=adb_mediumRectangle_btf2_flex%2Cadb_leaderboard_mid%2Cadb_mediumRectangle_btf3_flex%2Cadb_leaderboard_btf%2Cadb_floorboard&aucs=%252F9869277%252Fcnhi%252Fthetimestribune%252Ftotalaudience%2523adb_mediumRectangle_btf2_flex%2C%252F9869277%252Fcnhi%252Fthetimestribune%252Ftotalaudience%2523adb_leaderboard_mid%2C%252F9869277%252Fcnhi%252Fthetimestribune%252Ftotalaudience%2523adb_mediumRectangle_btf3_flex%2C%252F9869277%252Fcnhi%252Fthetimestribune%252Ftotalaudience%2523adb_leaderboard_btf%2C%252F9869277%252Fcnhi%252Fthetimestribune%252Frichmedia%2523adb_floorboard&auid=540161677%2C540161674%2C540161678%2C540161673%2C540327076&aumfs=50%2C50%2C50%2C50%2C50
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5bf1df0f5a8b5e71529ac7e30f04f64ee11702641bf4a3dc730c83c7a573bf13

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.thetimestribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		807 B
865 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16962&site_id=153062&zone_id=728106%3B843112%3B728120%3B728094%3B1061360&size_id=15%3B2%3B15%3B2%3B2&alt_size_ids=10%3B57%3B10%3B%3B55&p_pos=btf&gdpr=0&rf=https%3A%2F%2Fwww.thetimestribune.com%2F&tg_i.pbadslot=%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_mediumRectangle_btf2_flex%3B%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_leaderboard_mid%3B%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_mediumRectangle_btf3_flex%3B%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_leaderboard_btf%3B%2F9869277%2Fcnhi%2Fthetimestribune%2Frichmedia%23adb_floorboard&tk_flint=pbjs_lite_v7.19.0&x_source.tid=66186360-56ff-4517-9db2-36f2866cc459%3B0744d515-fe85-479c-b84b-2b843d57784f%3Ba7bc9e04-2c4a-457a-a938-45e837e86518%3B394b79e0-df50-4df5-9185-32b62084acfc%3Bccee666a-7f4f-42ed-8889-383444fa3a28&l_pb_bid_id=BR95183a3bdb16d1e%3BBR110de60458ad4566%3BBR12352b0cd3f027d2%3BBR13786dcb15b8f4d9%3BBR151f3af1fc6a3bd4&p_screen_res=1600x1200&rp_floor=0.06&rp_secure=1&rp_maxbids=1&p_gpid=%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_mediumRectangle_btf2_flex%3B%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_leaderboard_mid%3B%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_mediumRectangle_btf3_flex%3B%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience%23adb_leaderboard_btf%3B%2F9869277%2Fcnhi%2Fthetimestribune%2Frichmedia%23adb_floorboard&slots=5&rand=0.5349188519727381
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6f977e99004d2e8e564128cd5a002c4cd3d681bf8c6fe9100f81ab8c219c24f4

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thetimestribune.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
807
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:27 GMT
AN-X-Request-Uuid
07677b63-1796-4479-b886-79bf5a9c8bf9
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=5;misc=1671116247815;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627232/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=6;misc=1671116247815;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627235/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=7;misc=1671116247815;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627238/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=8;misc=1671116247815;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627229/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=9;misc=1671116247815;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955987/0/0/ 		0
0
ADTECH;v=2;cmd=bid;cors=yes;alias=10;misc=1671116247815;
adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955988/0/0/ 		0
0
v1
btlr.sharethrough.com/universal/ 		621 B
933 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.125.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-125-27.compute-1.amazonaws.com
Software
/
Resource Hash
1971669620c816f3e108dd8bb837684e0f1b4dd9fc64b6da69d952c92247e775

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
385
v1
btlr.sharethrough.com/universal/ 		602 B
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.125.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-125-27.compute-1.amazonaws.com
Software
/
Resource Hash
4a61fe525a660e3e823d52dc9b2199d8c4204ad1df188d443042f7dc0dce5cc2

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
376
v1
btlr.sharethrough.com/universal/ 		680 B
985 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.125.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-125-27.compute-1.amazonaws.com
Software
/
Resource Hash
13973d72fdd0c76816ffd7e176967a3ce7884961341193e81e3f1ad4a047d823

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
437
v1
btlr.sharethrough.com/universal/ 		789 B
1006 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.125.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-125-27.compute-1.amazonaws.com
Software
/
Resource Hash
608f457c002c417768aeafb1752c054f9dd891c8bc5636ad218ea953c29aa6fd

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
458
v1
btlr.sharethrough.com/universal/ 		715 B
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.125.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-125-27.compute-1.amazonaws.com
Software
/
Resource Hash
5dc30f8cb224f1b80c51ce7cf49f5f37475bc92b400c71a9c228986334aa858b

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
416
v1
btlr.sharethrough.com/universal/ 		553 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.125.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-125-27.compute-1.amazonaws.com
Software
/
Resource Hash
a6fa7d628da2963f9abaef4541a28d5cbabd9f824d6e643bcb0ed9eaaf8ff944

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
360
v1
btlr.sharethrough.com/universal/ 		499 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.125.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-125-27.compute-1.amazonaws.com
Software
/
Resource Hash
6b11012df763480bcf7b9f083719705f0c83e4e687158dfb082f49736e8aedd0

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 14:57:28 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
362
v1
btlr.sharethrough.com/universal/ 		636 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.125.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-125-27.compute-1.amazonaws.com
Software
/
Resource Hash
1ed6c415b344591ee5808a4303d3ba55faa8756b866af9ccb7a76f389d45d41e

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
private, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
342
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636c1720056&cmd=bid&secure=1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
38ca0a38b5b6146ddae7b1be9393b2e8e967d57f7f9b7b33bcddd46e2fa61483

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636bb140053&cmd=bid&secure=1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a06c3d74c6202b70677d1c15c168d28e3717ea2f1a5efb18427bc5825205c249

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636c7530059&cmd=bid&secure=1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
218a0e66df0fb27c4f40d049edac29fff94b6af1cbc2ab06e8b81be00d913164

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636bb140053&cmd=bid&secure=1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4a1c879bfeb262f4edd56b2cc9db0aa9fec1cf8920ce4903b69cf422aea3969a

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969412017373b5acfab630bb1a003f&pos=8a969412017373b5acfab636ad1b004e&cmd=bid&secure=1
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7a40c57d0e780b4e4a2b507814b76a6940c6051fd0d23b016339be7d4c841059

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e9d69c8a4ec73cdebe7034660a800df22e019b0d39bc2bef3f68f94bcddc321f

Request headers

Referer
https://www.thetimestribune.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.ssp.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d0eea652dd20ae3c690f06a7c796a49cbd521f04494f17f2ab4b62ecb2e3bd3d

Request headers

Referer
https://www.thetimestribune.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.ssp.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d02e0b4076f1ae7e103572219aac8ee3932d4bc45119669ec3b01958600d4a5c

Request headers

Referer
https://www.thetimestribune.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.ssp.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
24ebce0e284caf3f71dbe84e79ad33042d6f0d819c65617dc8dc9abb2135331d

Request headers

Referer
https://www.thetimestribune.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.ssp.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
ddd5f4997df8fe2ccb85226344096e4cb1c0d04d2b6acd49b4d2c416163dcf45

Request headers

Referer
https://www.thetimestribune.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
66
cdb
bidder.criteo.com/ 		1005 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=130&profileId=185&av=34&wv=7.19.0&cb=90247999417
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
90ce667f750a9e163eab1a595468b5794f0d5fb56133b611da1399861dba3086
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
352
bidRequest
c2shb.ssp.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.thetimestribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.thetimestribune.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 15 Dec 2022 14:57:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.ssp.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.thetimestribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.thetimestribune.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 15 Dec 2022 14:57:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.ssp.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.thetimestribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.thetimestribune.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 15 Dec 2022 14:57:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.ssp.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.thetimestribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.thetimestribune.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 15 Dec 2022 14:57:27 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.ssp.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.thetimestribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.thetimestribune.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 15 Dec 2022 14:57:27 GMT
server
ATS/9.1.10.25
ajax-loader.gif
csp.azureedge.net/cdn/widget/ Frame 86CC 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csp.azureedge.net/cdn/widget/ajax-loader.gif
Requested by
Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate.min.css?v=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:76f8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csp.azureedge.net/cdn/widget/WidgetTemplate.min.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
last-modified
Fri, 29 Jul 2022 22:43:11 GMT
server
Microsoft-IIS/10.0
etag
"1d8a39c948e39d2"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
4178
d79fec9e-625d-494a-8623-ed009ee58656.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/d79fec9e-625d-494a-8623-ed009ee58656.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
864396c3d65e948b66dbc5c393afd266f207bdd8c859e69640d06f311b2f0ed1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:27 GMT
Last-Modified
Fri, 18 Oct 2013 00:25:14 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
ho79t8hwI0qVJ+n8lKMvDw==
ETag
0x8D099AFA5FD9FE9
Content-Type
image/png
x-ms-request-id
4f94246c-701e-006c-2995-10d626000000
x-ms-version
2009-09-19
Content-Length
116244
1298d874-c634-4884-bc87-f721627a5027.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/1298d874-c634-4884-bc87-f721627a5027.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e495cf67a02f9ad05bf3383f48c0a421c799d957dc6f645ea7d5f19698eecb34

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:27 GMT
Last-Modified
Fri, 21 Nov 2014 03:31:21 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
AL4JVBZhtIms1nTTw0M/Gg==
ETag
0x8D1D352C11CC110
Content-Type
image/png
x-ms-request-id
a0b04997-701e-0021-7495-1019ca000000
x-ms-version
2009-09-19
Content-Length
37768
2445d435-684e-47f4-9741-2c08efe0d7be.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/2445d435-684e-47f4-9741-2c08efe0d7be.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
71163bc69ff5bf9cea6c1477ae6f7f7034ed805c2c8a85c296bf3900c8ff9a4e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:28 GMT
Last-Modified
Thu, 01 May 2014 11:36:33 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Rn9b55O2nRdk98VIgFrtLg==
ETag
0x8D13348BCE0584C
Content-Type
image/png
x-ms-request-id
892d907e-d01e-0081-0f95-109d6b000000
x-ms-version
2009-09-19
Content-Length
90140
ogUka1U3t0SPR0KMJjS3eg.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		209 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ogUka1U3t0SPR0KMJjS3eg.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0af78999b748385f2a5d661436a2b4236d77b813909b22ffd9ca587f3b1f1a02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:27 GMT
Last-Modified
Wed, 07 Dec 2022 23:41:26 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
XKawgJghCJGOq5/p9MhV8Q==
ETag
0x8DAD8AC8E55364F
Content-Type
application/octet-stream
x-ms-request-id
ef51436c-d01e-004a-3495-109e3e000000
x-ms-version
2009-09-19
Content-Length
214488
94a4ca6e-ad0c-4c3d-b463-eae21cbbbe8f.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/94a4ca6e-ad0c-4c3d-b463-eae21cbbbe8f.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
36a112f46433a6aa94207c5e827a9619ab9dd4890bc1d7c8f97f79364888f31e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:28 GMT
Last-Modified
Fri, 18 Oct 2013 00:08:24 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
1tgU/9ApekKFDWh6uqPqcg==
ETag
0x8D099AD4BF1C8EC
Content-Type
image/png
x-ms-request-id
72a676e8-701e-0053-7c95-101e85000000
x-ms-version
2009-09-19
Content-Length
77735
roHPP1e6-0mgD1sSP9ArnQ.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		209 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/roHPP1e6-0mgD1sSP9ArnQ.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0af78999b748385f2a5d661436a2b4236d77b813909b22ffd9ca587f3b1f1a02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:27 GMT
Last-Modified
Wed, 07 Dec 2022 23:41:28 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
XKawgJghCJGOq5/p9MhV8Q==
ETag
0x8DAD8AC8FF0A931
Content-Type
application/octet-stream
x-ms-request-id
17dd8e11-a01e-0050-5595-10ffe1000000
x-ms-version
2009-09-19
Content-Length
214488
ihIXdIq5jkqClFLygq-wpg.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/ihIXdIq5jkqClFLygq-wpg.medium.jpg
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ca7c9529200b9f8f67c483b219880549e83fd8fe424775799b5f427f353b22dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:27 GMT
Last-Modified
Sat, 18 Jun 2022 15:15:21 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
qBWhfklCIZ/WO0FI5WzsoQ==
ETag
0x8DA513D5C79CDBE
Content-Type
application/octet-stream
x-ms-request-id
a0b049cf-701e-0021-2995-1019ca000000
x-ms-version
2009-09-19
Content-Length
22391
e98b4359-6c38-4b5f-b43d-784f0d048f7f.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/e98b4359-6c38-4b5f-b43d-784f0d048f7f.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b082e03f6c8051c09aaf347c0b637db91d38caf3df067d126e8e09dfa3abf6e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:28 GMT
Last-Modified
Fri, 18 Oct 2013 01:38:06 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
KhrYI6AMi5rcfn9zrdiy5g==
ETag
0x8D099B9D431EB39
Content-Type
image/png
x-ms-request-id
4f9424e6-701e-006c-1a95-10d626000000
x-ms-version
2009-09-19
Content-Length
100309
GK4p1Z1rTkigEBC0mJiDzA.medium.jpg
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/GK4p1Z1rTkigEBC0mJiDzA.medium.jpg
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ef3eda8c428c6068d99d069a0ec24e49e3c6d68d4f273223a4846ef5f7dcc759

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:28 GMT
Last-Modified
Tue, 29 Nov 2022 19:43:59 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
gDD7gnBYnKFvgHZtiXLu6g==
ETag
0x8DAD2420F473084
Content-Type
application/octet-stream
x-ms-request-id
72a67771-701e-0053-7b95-101e85000000
x-ms-version
2009-09-19
Content-Length
50019
d5191794-19e4-41a4-9449-97ed8914a210.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/d5191794-19e4-41a4-9449-97ed8914a210.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
05e1266ebcd0f30fd95b69de06ec2de288f14e470b8f91bcdb29ada6fda44660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:27 GMT
Last-Modified
Tue, 23 Sep 2014 04:35:59 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
wnOSivNZdyfwAerI6nql3w==
ETag
0x8D1A4FF023D3590
Content-Type
image/png
x-ms-request-id
a0b04a04-701e-0021-5c95-1019ca000000
x-ms-version
2009-09-19
Content-Length
109862
64788fc9-7a43-4ee9-aa4a-be1f0cbf7a8a.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/64788fc9-7a43-4ee9-aa4a-be1f0cbf7a8a.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d4743991cdbb215c7ca0a2c4f73731132afb1e9b0130ded7efe23c0906882836

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:28 GMT
Last-Modified
Fri, 18 Oct 2013 07:53:08 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
+PZ53Rw2C7opHouCNMENyg==
ETag
0x8D099EE384E61D8
Content-Type
image/png
x-ms-request-id
892d9147-d01e-0081-5495-109d6b000000
x-ms-version
2009-09-19
Content-Length
98974
4ce8682f-bc7a-47c0-bcbd-6f8e61b2291e.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/4ce8682f-bc7a-47c0-bcbd-6f8e61b2291e.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
90b5da434bb6f73819b12c820428225aa8a4ee7f161f37bddd81cabed059c67b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:28 GMT
Last-Modified
Tue, 23 Sep 2014 04:36:07 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
G1ZXKIYGAN2gZYBv/3xsqg==
ETag
0x8D1A4FF06D0A060
Content-Type
image/png
x-ms-request-id
ef514435-d01e-004a-7495-109e3e000000
x-ms-version
2009-09-19
Content-Length
42890
0d4a3f1a-d60f-45e8-a916-1fa5deadc316.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/0d4a3f1a-d60f-45e8-a916-1fa5deadc316.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
50b5e25c6ccabbfc1553fbdbdf2b098572e2d9aef37745468425e668d676b08c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:27 GMT
Last-Modified
Fri, 18 Oct 2013 00:05:55 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Ovb7ll4CrLNCB5wYUDbKYw==
ETag
0x8D099ACF33E96BD
Content-Type
image/png
x-ms-request-id
17dd8ed7-a01e-0050-0b95-10ffe1000000
x-ms-version
2009-09-19
Content-Length
109881
45828d3b-e5de-4764-95b0-8ef9ef3bb863.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/45828d3b-e5de-4764-95b0-8ef9ef3bb863.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b6ec190ec47bda2898ccef061edc9f2e18c1d7fec89fb6c627959281219e8176

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:28 GMT
Last-Modified
Fri, 18 Oct 2013 01:03:57 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
WdjAIqbA2abZHEjJC3a8yg==
ETag
0x8D099B50EF3FFCE
Content-Type
image/png
x-ms-request-id
4f942507-701e-006c-3995-10d626000000
x-ms-version
2009-09-19
Content-Length
113214
bd3a038a-7c16-4116-8ffd-2a210530e12a.medium.PNG
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/bd3a038a-7c16-4116-8ffd-2a210530e12a.medium.PNG
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d1dd3c6b168af6b774887c668b6d81ca18bad0ab82c1dfb49f6850f6b3709cd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:28 GMT
Last-Modified
Sat, 01 Dec 2018 06:35:18 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
IhQeTahkSW9/Qthrv+PwDA==
ETag
0x8D65757297553E2
Content-Type
image/png
x-ms-request-id
72a6778b-701e-0053-1595-101e85000000
x-ms-version
2009-09-19
Content-Length
16398
2af83571-5ec4-4798-99c9-19e36f5e1249.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/2af83571-5ec4-4798-99c9-19e36f5e1249.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7e8eeff690401dd0378cbff5a174486e70beb94c55fb21cc8d53e9e2ed987880

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:28 GMT
Last-Modified
Thu, 01 May 2014 09:21:36 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
XnUrjmLle1gyjnP1oopFhQ==
ETag
0x8D13335E26C3110
Content-Type
image/png
x-ms-request-id
ef514467-d01e-004a-2495-109e3e000000
x-ms-version
2009-09-19
Content-Length
129186
290afce8-7b31-4708-99af-2243c5dc6ad0.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/290afce8-7b31-4708-99af-2243c5dc6ad0.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bba1b7fc7dd3e23e4413b4ce0c33462aa68fdfeaae42c8bbc01fc28748fdb356

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:27 GMT
Last-Modified
Thu, 01 May 2014 08:43:05 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
bFmKCXLGwO/dQB4GSXVwBw==
ETag
0x8D13330813E5B3C
Content-Type
image/png
x-ms-request-id
17dd8f06-a01e-0050-3995-10ffe1000000
x-ms-version
2009-09-19
Content-Length
120029
81b8ac86-9575-4bf0-a8e3-7382ef984a0f.medium.png
citysparkstorage.blob.core.windows.net/portalimages/portalimages/ Frame 86CC 		138 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citysparkstorage.blob.core.windows.net/portalimages/portalimages/81b8ac86-9575-4bf0-a8e3-7382ef984a0f.medium.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.81.107 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6c1e865ee34b8c4a738f3ead1190213fa4dda5ae85287e74ad27949e243af89d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 15 Dec 2022 14:57:27 GMT
Last-Modified
Fri, 18 Oct 2013 00:13:04 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
gWISnTgV4tmxn95kKWe/WA==
ETag
0x8D099ADF2DA839B
Content-Type
image/png
x-ms-request-id
a0b04a3d-701e-0021-1095-1019ca000000
x-ms-version
2009-09-19
Content-Length
141125
/
www.thetimestribune.com/tncms/tracking/tncms-dmp/audience-extraction/ 		0
154 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.thetimestribune.com/tncms/tracking/tncms-dmp/audience-extraction/?d=%7B%22name%22%3A%22client%22%2C%22value%22%3A6880%2C%22provider%22%3A%22lotame%22%7D&rd=thetimestribune.com.admin-us2.cas.ms&i=1671116246741,
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/shared-content/art/tncms/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
real-hostname
thetimestribune.com
cache-control
s-maxage=0, private, no-cache
x-vcache
MISS
age
0
content-length
0
content-type
application/octet-stream
analytics.js
www.google-analytics.com/ Frame 1BE5 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 14:44:14 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
794
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 15 Dec 2022 16:44:14 GMT
flipp-logo.png
f.wishabi.net/creative/Distribution/ Frame 1BE5 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.wishabi.net/creative/Distribution/flipp-logo.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.227.237 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.227.102.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
08f50c0aea90c1404e80f2281f96b66bb45c75b14feb9b0ec88ecdac73c25379

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
of_F6Gx.b0Hg8DA2xQF2NflN_t3dlY7v
via
1.1 google
date
Sun, 11 Dec 2022 22:38:03 GMT
x-amz-request-id
RV0R9VWJQE2JBGB5
age
317965
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11205
x-amz-id-2
geQHGituWk87nz/SnN5S0KyIxT4ymjNsJgoza0KuBos0x+Q8UX62eNYtMqMJhELouRMGOY0TH+M=
last-modified
Fri, 10 Aug 2018 15:11:58 GMT
server
AmazonS3
etag
"36e475efff95b099dc8b59f0161bf06a"
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=86400
x-cache-hit
hit,LGA-991dec68
accept-ranges
bytes
1671080544.jpg
f.wishabi.net/flyers/5380845/xl_thumbnail/ Frame 1BE5 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.wishabi.net/flyers/5380845/xl_thumbnail/1671080544.jpg
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.227.237 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.227.102.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
63fa4b43c8c07c94dbb86cccc468194eea36e69e9556bccd4471c2aaa076f8d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
bX5TYlKQV7TF0uGVnU2tzKrN4FlAlC1K
via
1.1 google
date
Thu, 15 Dec 2022 05:09:19 GMT
x-amz-request-id
DXZVEG8VBHV3KD9T
age
35289
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30757
x-amz-id-2
ygb9iE3Ejzk5/CnM5EFMUIMwdSAfWiACc6YMHnCj6nJmRl/rIW08qtyd8nnor6ROQeD3+vfAXXI=
x-amz-expiration
expiry-date="Fri, 14 Dec 2029 00:00:00 GMT", rule-id="flyer-data-glacier-after-18-months-expire-7-years-flyers"
last-modified
Thu, 15 Dec 2022 05:02:40 GMT
server
AmazonS3
etag
"aa1f5702ea69f654a027e67d034ec35b"
content-type
access-control-allow-origin
*
cache-control
public,max-age=86400
x-cache-hit
hit,LGA-991dec68
accept-ranges
bytes
xlarge
images.wishabi.net/merchants/806/1473286485/ Frame 1BE5 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wishabi.net/merchants/806/1473286485/xlarge
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.86.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.86.117.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
9a8270ba05b239e0f06e1a54f554852d097471d4b3568750045dfbad5b63ccaa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 04:11:07 GMT
via
1.1 google
last-modified
Wed, 07 Sep 2016 22:14:47 GMT
server
AmazonS3
x-amz-request-id
EE1QRK5CH6350T74
age
1248381
etag
"aef88530f04b801690b705023274ba57"
content-type
access-control-allow-origin
*
cache-control
public,max-age=86400
x-cache-hit
hit,LGA-991dec68
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-amz-id-2
IdSJ7JqT+GcK+zjs6WQ+pKJ39SqKbk8+t/rAZ8KAHOjoCpl9TQVpXIMR/lJwKaPF0NNe3qjb6oE=
1670511747.jpg
f.wishabi.net/flyers/5371635/xl_thumbnail/ Frame 1BE5 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.wishabi.net/flyers/5371635/xl_thumbnail/1670511747.jpg
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.227.237 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.227.102.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
b43a10f713cb2d2ec122925459ef31e8c8ba242e193619c8251bc670eb11a54f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
v301aoKv5Mij_vPoXeseeMYlwu4Cc72a
via
1.1 google
date
Sun, 11 Dec 2022 05:31:24 GMT
x-amz-request-id
SMRBNE38318D3J0D
age
379564
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59362
x-amz-id-2
jMRRQXgT6YW5sHHPliPAd8yaY2e1BpTlaSLXFjnUnBrrr3Ky4wfNr10xUPvN/h253UlEDJWai+o=
x-amz-expiration
expiry-date="Fri, 07 Dec 2029 00:00:00 GMT", rule-id="flyer-data-glacier-after-18-months-expire-7-years-flyers"
last-modified
Thu, 08 Dec 2022 15:02:44 GMT
server
AmazonS3
etag
"89f42f62674038a850a8a2dd06e2fa84"
content-type
access-control-allow-origin
*
cache-control
public,max-age=86400
x-cache-hit
hit,LGA-991dec68
accept-ranges
bytes
xlarge
images.wishabi.net/merchants/2150/1509716319/ Frame 1BE5 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wishabi.net/merchants/2150/1509716319/xlarge
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.86.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.86.117.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
6eb4cf4c6d6b648863405c9b0ece8f08300639c4874d19841913b6b50dc12d03

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 13:41:04 GMT
via
1.1 google
last-modified
Fri, 03 Nov 2017 13:38:44 GMT
server
AmazonS3
x-amz-request-id
Y7QFXKEMS9AM6YPT
age
1559784
etag
"e93e2b6d451bda8a4287447dfdae0c33"
content-type
access-control-allow-origin
*
cache-control
public,max-age=86400
x-cache-hit
hit,LGA-991dec68
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57072
x-amz-id-2
vcIk5r1n/sOoXi7yyUxP1+5Tfr8KvgMJxGT16kucLY3ryvU33ZTdtrZYNmCgltA0TfO2mgum4xo=
1671041002.jpg
f.wishabi.net/flyers/5378872/xl_thumbnail/ Frame 1BE5 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.wishabi.net/flyers/5378872/xl_thumbnail/1671041002.jpg
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.227.237 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.227.102.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
c46ebca5ed6f3ed92dd8f601e4829719f52d648579a6ea43f682db7c5d643072

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
lqeeSfYbX1QkOADywLwhduU.Yh6qK5ke
via
1.1 google
date
Thu, 15 Dec 2022 05:35:20 GMT
x-amz-request-id
JZ8TMH6SX42QR306
age
33728
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49478
x-amz-id-2
1TjlKC6cNaXRXeYA1IwkKgfxSHt69JK9JnDJOiKTKE9vOBug6yTMdRjPpszATYasKZoroUr91zY=
x-amz-expiration
expiry-date="Thu, 13 Dec 2029 00:00:00 GMT", rule-id="flyer-data-glacier-after-18-months-expire-7-years-flyers"
last-modified
Wed, 14 Dec 2022 18:03:35 GMT
server
AmazonS3
etag
"5075b4f95215d07ea6c3226b19721c09"
content-type
access-control-allow-origin
*
cache-control
public,max-age=86400
x-cache-hit
hit,LGA-991dec68
accept-ranges
bytes
mini_magick20201223-1-1h7fgb0.png
images.wishabi.net/merchants/FeWJA7o22AA9iA==/ Frame 1BE5 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wishabi.net/merchants/FeWJA7o22AA9iA==/mini_magick20201223-1-1h7fgb0.png
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.86.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.86.117.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
f13ebf8aa6a052331161b451e28161436db794f4c6709caf4dfe1a2ba3ca7363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 17:44:45 GMT
via
1.1 google
last-modified
Wed, 23 Dec 2020 18:57:13 GMT
server
AmazonS3
x-amz-request-id
VTTZJFZEF8D9D79Q
age
249163
etag
"ac44f7bb9bf2eb1a03fb690d898f85e1"
content-type
image/png; charset=binary
access-control-allow-origin
*
cache-control
public,max-age=86400
x-cache-hit
hit,LGA-991dec68
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8923
x-amz-id-2
NIa+Ij2cfFLoQl6QRM8bH7S+QRPkyJM5nabt0dBVQXYQNnj31EuRZ/hXp0SsbcW6d8s+iik/tNg=
1670887440.jpg
f.wishabi.net/flyers/5381064/xl_thumbnail/ Frame 1BE5 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.wishabi.net/flyers/5381064/xl_thumbnail/1670887440.jpg
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.227.237 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
237.227.102.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
59b5fddb87ca80034316165d356657a6b3435bbdbd31e973262c6caa293249a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
sgA_OQ8_zqnc50QL63hOcdbTeOMPnLLB
via
1.1 google
date
Tue, 13 Dec 2022 06:36:30 GMT
x-amz-request-id
WJ4YJV40WJYR9XES
age
202858
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46318
x-amz-id-2
A/5pQOZFVFDQsPj6MPQ+yWBzMMKP+sVZrs0Ml4tKAM2ShigLiysftmKCSmx5UzgW4tLgVPp8x2w=
x-amz-expiration
expiry-date="Tue, 11 Dec 2029 00:00:00 GMT", rule-id="flyer-data-glacier-after-18-months-expire-7-years-flyers"
last-modified
Mon, 12 Dec 2022 23:24:10 GMT
server
AmazonS3
etag
"9bdf4e5a312ee3bb54d6dd50b7ac2830"
content-type
access-control-allow-origin
*
cache-control
public,max-age=86400
x-cache-hit
hit,LGA-991dec68
accept-ranges
bytes
xlarge
images.wishabi.net/merchants/2207/1400698283/ Frame 1BE5 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wishabi.net/merchants/2207/1400698283/xlarge
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.86.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.86.117.34.bc.googleusercontent.com
Software
AmazonS3 /
Resource Hash
4c149496f26e28a392aa10b8ed472c8a797fe4ba642ed6a609a2bf8841cb2871

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 19:25:14 GMT
via
1.1 google
last-modified
Wed, 21 May 2014 18:51:28 GMT
server
AmazonS3
x-amz-request-id
Z4HE0QABDCC57ATE
age
329534
etag
"92cace70da655310059e8a6a0c659995"
content-type
access-control-allow-origin
*
cache-control
public,max-age=86400
x-cache-hit
hit,LGA-991dec68
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4720
x-amz-id-2
NjHwUIw2smjzG3XBYxkpcjEAGBWkzHohbb74fZbi3wM21tnR+FUYksV9UA/pErjusDU/rRQA7Nc=
track.gif
a.wishabi.com/ Frame 1BE5 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.wishabi.com/track.gif?aid=editorials&mt=widget&et=view&st=module&t=1671116248026&sid=bba8727d09a42d341fb86dacf986ea98&rnd=bc7d62b615d2a7af584350bc9e22f08f&fsa=10013&module_id=27217&channel_id=929&client_type=1&publisher_id=937&profile_available=false&targetable=false&targeting_type=none&targeted=false
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
via
1.1 10119f8e1f785cbedffe9dc0788ea76a.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
x-amz-cf-id
9KOBxxDolkWt1-K2sfDwtrwlTaqeEo0SYAoUznmrKVkv0G45rnHE7w==
x-cache
Miss from cloudfront
track.gif
a.wishabi.com/ Frame 1BE5 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.wishabi.com/track.gif?aid=editorials&mt=widget&et=view&st=flyer&t=1671116248029&sid=bba8727d09a42d341fb86dacf986ea98&rnd=bc7d62b615d2a7af584350bc9e22f08f&fsa=10013&module_id=27217&channel_id=929&client_type=1&publisher_id=937&profile_available=false&targetable=false&targeting_type=none&targeted=false&flyer_type_id=5699&flyer_run_id=846357&flyer_id=5380845&merchant_id=806&premium_merchant=false&in_targeting_profile=false&budget_id=57946
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
via
1.1 10119f8e1f785cbedffe9dc0788ea76a.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
x-amz-cf-id
NMrhWiTeoGI-ihNNtBHVvvtyi8TNbAj07MXQO7geWbR00nKXX-NDqQ==
x-cache
Miss from cloudfront
track.gif
a.wishabi.com/ Frame 1BE5 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.wishabi.com/track.gif?aid=editorials&mt=widget&et=view&st=flyer&t=1671116248030&sid=bba8727d09a42d341fb86dacf986ea98&rnd=bc7d62b615d2a7af584350bc9e22f08f&fsa=10013&module_id=27217&channel_id=929&client_type=1&publisher_id=937&profile_available=false&targetable=false&targeting_type=none&targeted=false&flyer_type_id=269&flyer_run_id=827905&flyer_id=5371635&merchant_id=2150&premium_merchant=true&in_targeting_profile=false&budget_id=58618
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
via
1.1 10119f8e1f785cbedffe9dc0788ea76a.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
x-amz-cf-id
Ut_h36n8i_dZdTGnLMKDozbTbc6wLAN1m0uZX4FZXqRTzPtxCoQYGg==
x-cache
Miss from cloudfront
track.gif
a.wishabi.com/ Frame 1BE5 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.wishabi.com/track.gif?aid=editorials&mt=widget&et=view&st=flyer&t=1671116248030&sid=bba8727d09a42d341fb86dacf986ea98&rnd=bc7d62b615d2a7af584350bc9e22f08f&fsa=10013&module_id=27217&channel_id=929&client_type=1&publisher_id=937&profile_available=false&targetable=false&targeting_type=none&targeted=false&flyer_type_id=10144&flyer_run_id=821991&flyer_id=5378872&merchant_id=6114&premium_merchant=false&in_targeting_profile=false&budget_id=48996
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
via
1.1 10119f8e1f785cbedffe9dc0788ea76a.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
x-amz-cf-id
TcIsJitdLkDHOgu2okEamGdGGUduKyFdXRvIVkAOAquRsG0qmk1DRA==
x-cache
Miss from cloudfront
track.gif
a.wishabi.com/ Frame 1BE5 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.wishabi.com/track.gif?aid=editorials&mt=widget&et=view&st=flyer&t=1671116248030&sid=bba8727d09a42d341fb86dacf986ea98&rnd=bc7d62b615d2a7af584350bc9e22f08f&fsa=10013&module_id=27217&channel_id=929&client_type=1&publisher_id=937&profile_available=false&targetable=false&targeting_type=none&targeted=false&flyer_type_id=336&flyer_run_id=840043&flyer_id=5381064&merchant_id=2207&premium_merchant=true&in_targeting_profile=false&budget_id=58934
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-74.cmh68.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
via
1.1 10119f8e1f785cbedffe9dc0788ea76a.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
x-amz-cf-id
xI_WtXF-uziiE2b57l84-2MXzxTiu7x2sUzFFxRJLQgwzPiQgEfZ9w==
x-cache
Miss from cloudfront
/
adspsp.com/pt/1710310/12/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/12/2/?a=2,a2lbp7gr3m6SoBOGHaeY,8k8CMrwg5x&aa=01CihRyu.gN&b=2:1,2,0,0,0,true,0,,0,0,U21552b65fefb36,adb_leaderboard_atf,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&b=2:1,5,22h8pxy,10rpxnh,1rikkz8h,,236vghz,8c`6y,1rikkz8h,236vghz,U351d602d27c31,adb_mediumRectangle_btf1,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&b=2:1,4,22h8pxy,10rpxnh,1rikkza2,,236l694,8c`6y,1rikkza2,236l694,U47ec49b6d6c842,adb_mediumRectangle_atf,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.thetimestribune.com%2F&d=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&f=1.lbp7gq05.1Tsx.2T252&g=2T3em&u=4d97623f:la8xlfqr:31f&v=18g.xc.0.6yo.1.0&m=z&rnd=1671116248036
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.190.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-190-9.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame 014F 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=F0hhdPZHdKReb32SS-6T_Si-&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F2WDC0SY5EXCBRWZ5MT5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 014F
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/sovrn?zcc=1&cb=1671116248243
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7338919184
  • https://sync.1rx.io/usersync/tradedesk/e063f1e7-594f-448d-9ec8-39652287366a
  • https://sync.targeting.unrulymedia.com/csync/RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
Date
Thu, 15 Dec 2022 14:57:29 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RXb12f8499679e438aa2ab7c7566dc1e35005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
merge
ce.lijit.com/ Frame 014F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=F0hhdPZHdKReb32SS-6T_Si-&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=25b0639b-35d8-4a00-967b-6b3a039ff7a4&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=25b0639b-35d8-4a00-967b-6b3a039ff7a4&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 Charlotte, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Thu, 15 Dec 2022 14:57:28 GMT
Server
MT3 254 34fcae8 master ord-pixel-x3 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://ce.lijit.com/merge?pid=3&3pid=25b0639b-35d8-4a00-967b-6b3a039ff7a4&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 14:57:27 GMT
merge
ce.lijit.com/ Frame 014F
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=bf366404-1d0c-476a-946f-44374452a18f
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=bf366404-1d0c-476a-946f-44374452a18f
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 Charlotte, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=bf366404-1d0c-476a-946f-44374452a18f
date
Thu, 15 Dec 2022 14:57:28 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 014F
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RjBoaGRQWkhkS1JlYjMyU1MtNlRfU2kt&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RjBoaGRQWkhkS1JlYjMyU1MtNlRfU2kt&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 15 Dec 2022 14:57:28 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RjBoaGRQWkhkS1JlYjMyU1MtNlRfU2kt&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 014F
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=969470210586592007
43 B
859 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=969470210586592007
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 Charlotte, United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=969470210586592007
Date
Thu, 15 Dec 2022 14:57:28 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7AF2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=d6070ee0-2281-448b-aeff-de36832e2b08
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J37GJAXEY7HC865ZAFTV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 7AF2
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://sync.srv.stackadapt.com/sync?nid=15
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-09b64d33-3e11-42bb-4df1-c19b61e24799$ip$5.181.234.158
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-09b64d33-3e11-42bb-4df1-c19b61e24799$ip$5.181.234.158
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.225.32.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-32-205.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-09b64d33-3e11-42bb-4df1-c19b61e24799$ip$5.181.234.158
Date
Thu, 15 Dec 2022 14:57:28 GMT
Connection
keep-alive
Content-Length
171
Content-Type
text/html; charset=utf-8
v1
match.sharethrough.com/sync/ Frame 7AF2
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=57988376775515890
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=57988376775515890
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.225.32.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-32-205.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
AN-X-Request-Uuid
af2f5c89-ccd3-411a-a42c-9ba6db5bd42f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=57988376775515890
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 7AF2
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=57988376775515890
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=57988376775515890
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.225.32.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-32-205.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
AN-X-Request-Uuid
94713f1a-e71f-47f4-aeeb-7dda1e484617
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=57988376775515890
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 7AF2
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DSvWuQHUbMWnhsCDYjeaq81U2%26source_user_id%3D%24%7BTM_USER_ID%7D%0A
  • https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=Y5s12AAEM5AzzAAF
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=Y5s12AAEM5AzzAAF
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.225.32.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-32-205.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

x-served-by
cache-ewr18123-EWR
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:28 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671116248.451248,VS0,VE0
x-cache
HIT
location
https://match.sharethrough.com/sync/v1?source_id=SvWuQHUbMWnhsCDYjeaq81U2&source_user_id=Y5s12AAEM5AzzAAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame 86CC 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/combine/npm/jquery@3.3.1,npm/slick-carousel@1.8.1,npm/angular@1.2.32/angular.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
usersync
usersync.gumgum.com/ Frame F06A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
  • https://usersync.gumgum.com/usersync?b=apn&i=57988376775515890
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=57988376775515890
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
AN-X-Request-Uuid
4bdbed98-9766-4fd9-a242-610b42722166
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=57988376775515890
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame F06A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_b12a4661-ff14-46b6-9474-e45db24e9122&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_b12a4661-ff14-46b6-9474-e45db24e9122&gdpr=&gdpr_consent=&us_privacy=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10594014441606866446&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=d1eed283-136f-4d2c-a332-987d17084c78&ssp=gumgum2&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10594014441606866446&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=213510604366009389182&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594014441606866446&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=bsw&i=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
Date
Thu, 15 Dec 2022 14:57:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame F06A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-56331215-5e50-4dd4-72c9-48cf495869f6$ip$5.181.234.158
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-56331215-5e50-4dd4-72c9-48cf495869f6$ip$5.181.234.158
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-56331215-5e50-4dd4-72c9-48cf495869f6$ip$5.181.234.158
Date
Thu, 15 Dec 2022 14:57:28 GMT
Connection
keep-alive
Content-Length
127
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame F06A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_b12a4661-ff14-46b6-9474-e45db24e9122&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=GnCmVp3K2LR_Lyr0T6vr&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVDW4Q3NKZYDGSZSJRJF6TDZOIYFINTWOI
  • https://usersync.gumgum.com/usersync?b=zem&i=GnCmVp3K2LR_Lyr0T6vr
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=GnCmVp3K2LR_Lyr0T6vr
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=GnCmVp3K2LR_Lyr0T6vr
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame F06A
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1671116248245
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4681687459
  • https://sync.1rx.io/usersync/tradedesk/e063f1e7-594f-448d-9ec8-39652287366a
  • https://sync.targeting.unrulymedia.com/csync/RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
Date
Thu, 15 Dec 2022 14:57:29 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RXb12f8499679e438aa2ab7c7566dc1e35005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
usersync
usersync.gumgum.com/ Frame F06A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=NMufRRKAvvUx&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=NMufRRKAvvUx&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=NMufRRKAvvUx&ev=1&pid=558355
content-language
en-US
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-fbcf948bf-chfjj
expires
-1
cookie-sync
sync.outbrain.com/ Frame F06A
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%288QaarZm_-QF50JSNoa4wJRw5KtdJZ4Ov0PYBNy01Mfj1zRh62Mnyn1lvyAs9FUSV%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_b12a4661-ff14-46b6-9474-e45db24e9122&obuid=ENC(8QaarZm_-QF50JSNoa4wJRw5KtdJZ4Ov0PYBNy01Mfj1zRh62Mnyn1lvyAs9FUSV)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_priv...
  • https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=8QaarZm_-QF50JSNoa4wJRw5KtdJZ4Ov0PYBNy01Mfj1zRh62Mnyn1lvyAs9FUSV&uid=72b72d11-6f4...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=8QaarZm_-QF50JSNoa4wJRw5KtdJZ4Ov0PYBNy01Mfj1zRh62Mnyn1lvyAs9FUSV&uid=72b72d11-6f4c-0610-1618-86951cfa5c1f
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:29 GMT
Cache-Control
no-cache
X-TraceId
952049cca76878c7bb4c261dae7c26c6
Content-Length
0

Redirect headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.outbrain.com/cookie-sync?p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&obUid=8QaarZm_-QF50JSNoa4wJRw5KtdJZ4Ov0PYBNy01Mfj1zRh62Mnyn1lvyAs9FUSV&uid=72b72d11-6f4c-0610-1618-86951cfa5c1f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame F06A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=359ba066-38b7-03ba-120c-c4d56c119a72
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=359ba066-38b7-03ba-120c-c4d56c119a72
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 14:57:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=359ba066-38b7-03ba-120c-c4d56c119a72
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame F06A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-ZuS8tz9E2pdgGGstMz6wS1dQcvUNkeUWolMG~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-ZuS8tz9E2pdgGGstMz6wS1dQcvUNkeUWolMG~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 14:57:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-ZuS8tz9E2pdgGGstMz6wS1dQcvUNkeUWolMG~A
content-length
0
usersync
usersync.gumgum.com/ Frame F06A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=b01a49f8-8e86-477e-8aa4-15060e6da8b6
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=b01a49f8-8e86-477e-8aa4-15060e6da8b6
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=b01a49f8-8e86-477e-8aa4-15060e6da8b6
Date
Thu, 15 Dec 2022 14:57:28 GMT
Connection
keep-alive
X-CI-RTID
ae086ec7-602c-4246-af66-087ad03253a9
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame F06A
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=9A307D73CAD14ED89F8FE7E5256360AF
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=9A307D73CAD14ED89F8FE7E5256360AF
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 14:57:28 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
454562190
location
https://usersync.gumgum.com/usersync?b=snc&i=9A307D73CAD14ED89F8FE7E5256360AF
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame F06A 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 15 Dec 2022 14:57:28 GMT
server
c
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame F06A
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=4b03b005-7935-4f69-8c20-44671a57d39c
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=4b03b005-7935-4f69-8c20-44671a57d39c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=4b03b005-7935-4f69-8c20-44671a57d39c
access-control-allow-origin
*
date
Thu, 15 Dec 2022 14:57:28 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame F06A
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1743175450290086261
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1743175450290086261
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1743175450290086261
date
Thu, 15 Dec 2022 14:57:27 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame F06A 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_b12a4661-ff14-46b6-9474-e45db24e9122
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
65VTKBP2N6BBDVCTDYM9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 7BE1 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f13aaab9b9256f8a6d165a3859caa215521202acd72145c90b16035e26de969e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 06:25:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55667
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 06:25:15 GMT
usersync
usersync.gumgum.com/ Frame 9361
Redirect Chain
  • https://sync.inmobi.com/oRTB?gdpr_consent=&gdpr=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://usersync.gumgum.com/usersync?b=inm&i=ID5-3598dYeMH9LTtopk_3At5NEMerxF1_87bLVOkpu5Og
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=inm&i=ID5-3598dYeMH9LTtopk_3At5NEMerxF1_87bLVOkpu5Og
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

date
Thu, 15 Dec 2022 14:57:28 GMT
location
https://usersync.gumgum.com/usersync?b=inm&i=ID5-3598dYeMH9LTtopk_3At5NEMerxF1_87bLVOkpu5Og
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0088 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.240.200 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59348
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 14:57:28 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 16 Dec 2022 07:26:36 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 5E27
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=e063f1e7-594f-448d-9ec8-39652287366a
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=e063f1e7-594f-448d-9ec8-39652287366a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Thu, 15 Dec 2022 14:57:28 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=e063f1e7-594f-448d-9ec8-39652287366a
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 9030
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=bb6e639b-35d8-4700-b24f-66a0bc478f25&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=bb6e639b-35d8-4700-b24f-66a0bc478f25&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:28 GMT
Expires
Thu, 15 Dec 2022 14:57:27 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 180 1fd3e2d master ord-pixel-x7 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=bb6e639b-35d8-4700-b24f-66a0bc478f25&gdpr=&gdpr_consent=
usersync
usersync.gumgum.com/ Frame F0E1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=Y5s12AAEM5AzzAAF
  • https://usersync.gumgum.com/usersync?b=atm&i=Y5s12AAEM5AzzAAF&gdpr=&gdpr_consent=&_test=Y5s12AAEM5AzzAAF
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y5s12AAEM5AzzAAF&gdpr=&gdpr_consent=&_test=Y5s12AAEM5AzzAAF
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 15 Dec 2022 14:57:28 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y5s12AAEM5AzzAAF&gdpr=&gdpr_consent=&_test=Y5s12AAEM5AzzAAF
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-ewr18123-EWR
x-timer
S1671116248.314349,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 6587 		170 B
502 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9iMTJhNDY2MS1mZjE0LTQ2YjYtOTQ3NC1lNDVkYjI0ZTkxMjI=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 14:57:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 4A07
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=57988376775515890&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFV...
  • https://usersync.gumgum.com/usersync?b=emx&i=57988376775515890brt56801671116248297150af
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=57988376775515890brt56801671116248297150af
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Thu, 15 Dec 2022 14:57:28 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=57988376775515890brt56801671116248297150af
usersync
usersync.gumgum.com/ Frame 9D66
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y5s12MCo5ssAAI3nxagAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y5s12MCo5ssAAI3nxagAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 14:57:28 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y5s12MCo5ssAAI3nxagAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
32
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40001.dc2p.scaleout.jp
X-SO-IP
5.181.234.158
X-SO-Key
Y5s12MCo5ssAAI3nxagAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"5.181.234.158","key":"Y5s12MCo5ssAAI3nxagAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40001"}
X-SO-LB-Hostname
a-tgng40007.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40001
usersync
usersync.gumgum.com/ Frame 2F5E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D&s=189872&C=1
  • https://usersync.gumgum.com/usersync?b=iex&i=Y5s12O09IR-LnG.t1VrL1AAA%26145
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y5s12O09IR-LnG.t1VrL1AAA%26145
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77a008286f7a8c8d-EWR
content-length
0
date
Thu, 15 Dec 2022 14:57:28 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y5s12O09IR-LnG.t1VrL1AAA%26145
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RzM0w3TMxpwTdf0tTIcDiZ%2FrzjsFfz09nnHxrJeWrmm2arpSrD1vTVCxkmrD5%2B%2BYL41UA3qmIpnTcyzN3y9Mr6sHYdAxAgcpdVBc7wkJcyC5ohwjOZiwCQWeilCjJHE4BPP4SjzoY5wW6g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 543C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=t3Z2AE7y1EhbQ0RUc4Z5&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=t3Z2AE7y1EhbQ0RUc4Z5&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:28 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 15 Dec 2022 14:57:28 GMT Thu, 15 Dec 2022 14:57:28 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=t3Z2AE7y1EhbQ0RUc4Z5&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 65FA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 14:57:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 15 Dec 2022 14:57:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
v2gahlOoBQ7G-j4T7NMmKgAJxsZtPNIhJp1rcUsJ86hQ3QDWghkYB1Hy44gF0_8vkW5LZpLtwjQ
bandborder.com/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bandborder.com/v2gahlOoBQ7G-j4T7NMmKgAJxsZtPNIhJp1rcUsJ86hQ3QDWghkYB1Hy44gF0_8vkW5LZpLtwjQ
Requested by
Host: bandborder.com
URL: https://bandborder.com/v2/0/yisee9jC_KWgyn-9XvSa5EbZJEY5eNHMSCSppYowii1L7Selu_02l80
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Thu, 15 Dec 2022 14:57:28 GMT
via
1.1 google
x-buildnumber
718439402
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
x-hostname
fen-hoothoot-us-east1-spot-q1h3
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
events
bidder.criteo.com/csm/ 		0
224 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 14:57:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
view
securepubads.g.doubleclick.net/pcs/ Frame B69E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_4nYzjSlFFuGQwSwTmT9woclsicMsMhXZewucIBb6z9sC3Scd2er9HG2fg3_Xv0PxPxukG_hsRbRHNH_db9ssK3uFpSkgvk9f6mywCTtwKKSzU7uUjdaW1jBiLsmly6ZL0281YGd-bOO5P1Ogm8_9cgP23Oty3iD6kvs19bHKdWikq2h7_GBUxt_pNW0d9tWysdWP6peedixj-McRmoHbaGgng3HnODfBYEsHIjD2rQGNPpkuL8XD5dizgqk7yFwDq-ifeqwJJO9ovi0LmJ4nEsNhvIAaxRUdRZ2WV3ay20z_79wOdksIjwjs4UgtXlbAB6xwFsNwtghjrzmthlIA7llxVn6Q4UUC_QnnU9-E9Q&sai=AMfl-YQAhvPxxaj1g-xsbsKyNyK4DgtAKFM8ABzmJnK5awUH4bSQFk4TK3_9T7J_m1wqdmicpglelVBC9xqCSKe-npB07FTsDd_e6qoC7-UOY7lkqRJb-1nmmpNqEpyndXjWdeINxZ_K_tJMN-vh8NjMp0s&sig=Cg0ArKJSzGbua1iBPSx2EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 14:57:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A419 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcFNsIZRKFJUX3-WnZNy2Xp4gLzYmNqTzLfgsIcp3DEUja1HDhEofwo9Ks6RaV-WUTUEpPqCbgQ5T2izRSX2B1FsjBFXNd1SD_zK8L62GapoVDDnAdsUtDrMihx-AmpdxTYiVKrIQ5uwoGHZH6-mzBHwcSg2KLLefvNXpJNiodwRnswnT5LGHP2KMZALxz1v5VXhWfd-OPO2p8l1go5iwEzomMDxLJLhF7Z9xgpjiiYei7VNEG-FSCtXxr89CXXoNZru8p59Y8XXVdojJSc6mL-c36b5DgSzUUdWSfIIFzYcxahog1KOWxz9pJgTAZillMKe6vz03MpmsJD5CEWiyzgQqyR65WZO1auvufkyBRYw&sai=AMfl-YTYJpXE8fhphJvolB6FB4yJSaop-qa4vd3w5RDUdSKYEm2S7WzLhqJXMCK067CtQ8q6ghytcRXxYI2_dKvsGtGKU4v8I4F0DwMkgaJY2pmQaTNX1WiKumzx--qiJ4iZcP6pDxBXguJ_ZJW-cgprzQ0&sig=Cg0ArKJSzPt_FeHAgn6mEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 14:57:28 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156557&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156557%26pr%3Dhttps%253A%252F%252Fmatch.sharethrough.com%252F...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjY1Q0M2MTctMUU1MC00NzBBLTk2QjUtNjU3MDU0QkFBOEY5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156557&pr=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DuFFr5RFBYgoUJbWMAWGEZKS3%26source_user_id%3D265CC617-1E50-470A-96B5-657054BAA8F9
  • https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=265CC617-1E50-470A-96B5-657054BAA8F9
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=265CC617-1E50-470A-96B5-657054BAA8F9
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Server
34.225.32.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-32-205.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=uFFr5RFBYgoUJbWMAWGEZKS3&source_user_id=265CC617-1E50-470A-96B5-657054BAA8F9
date
Thu, 15 Dec 2022 14:57:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=1400852277535726&vrg=2022120501&nw_id=9869277&nslots=13&eid=31070872%2C31071151%2C31071221%2C31071125%2C676982961&pub_url=https%3A%2F%2Fwww.thetimestribune.com%2F&qid=CP-XmpLx-_sCFY3NswodPQwJTg&iu=%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&e=512&ret=300x250&req=300x250%7C300x600&bm=0&efh=1&stk=0&ifi=4
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vf-css.a6ecf554f3902a9351e4.js
cdn.viafoura.net/chunks/ 		324 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vf-css.a6ecf554f3902a9351e4.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f7:1000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a21cf24188244a6587b50e7d15e9941c48b2b966749e6c35d678950035c9f387

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:39:39 GMT
x-amz-version-id
b7imte14WptMhyX2nGRBuzwU45z46YAl
content-encoding
br
via
1.1 abcdd9ead509c6f31d96ed9f797fd698.cloudfront.net (CloudFront)
age
69470
x-amz-cf-pop
CMH68-P1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 14 Dec 2022 19:39:10 GMT
server
AmazonS3
etag
W/"1b064dc75c05dca1f9efba191636ac2f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
WQewIisam7EvKIrNBslqv-A6xSMbiMFoLl-nlZo7kZd2hZtcAUFEtQ==
ecm3
s.amazon-adsystem.com/ Frame 7BE1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LBP7GRR0-23-4BUC
  • https://s.amazon-adsystem.com/ecm3?id=LBP7GRR0-23-4BUC&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LBP7GRR0-23-4BUC&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
88BVSEA3SK2AXS7TDVNG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LBP7GRR0-23-4BUC&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
usync.js
eus.rubiconproject.com/ Frame 65FA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f13aaab9b9256f8a6d165a3859caa215521202acd72145c90b16035e26de969e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 06:25:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55667
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 06:25:15 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 26F1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
273
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77a00829daa38ce8-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 14:57:28 GMT
expires
Thu, 15 Dec 2022 18:57:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 342D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63043187&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0138c95496b9d5fb5771fb66849dd396d7d7b1f49de278af960f657fa65327ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 15 Dec 2022 14:57:28 GMT
content-length
1590
content-type
text/html; charset=UTF-8
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thetimestribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		98 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1400852277535726&correlator=3619284497951806&eid=31070872%2C31071151%2C31071221%2C31071125%2C676982961&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&us_privacy=1---&iu_parts=9869277%2Ccnhi%2Cthetimestribune%2Cweatherhousead%2Clargevideoplayer%2Creveal%2Ctotalaudience%2Crichmedia&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7&prev_iu_szs=120x60%2C120x60%2C1x1%2C1x1%2C300x250%2C728x90%7C970x250%2C300x250%7C300x600%2C728x90%7C970x250%2C728x90%7C970x90&ifi=5&adks=4113034245%2C4113034362%2C3869054757%2C687035173%2C1108690238%2C1835935768%2C2609554396%2C1836049439%2C4183699318&didk=3256750082~3256750083~2718883687~2484246273~1804609911~3574811645~3043497558~3574853789~4282915209&sfv=1-0-40&fsbs=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1&ists=32&prev_scp=pos%3Dbtf1%26adb_imp%3D1%7Cpos%3Dbtf2%26adb_imp%3D1%7Cadb_imp%3D1%7Cadb_imp%3D1%7Cpos%3Dbtf2%26amznbid%3D152vx8g%26amznp%3D1ujco3k%26amzniid%3DJFz-BEnFCXoEdgfbarkLL0gAAAGFFkpT8QEAAAJYAQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICBJHSLz%26amznsz%3D300x250%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone%7Cpos%3Dbtf2%26amznbid%3D1vpsxz4%26amznp%3D1ujco3k%26amzniid%3DJIT4gvx9UpaWSyHiSJi6lSYAAAGFFkpT8gEAAAJYAQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICCJK5nh%26amznsz%3D728x90%26adb_imp%3Dlzno%2C1%26adb_vs%3Dhigh%2Cblock_fl%2Cblock_std%26adb_bdr%3Dconcert%26adb_hbc%3D15.20-15.24%26adb_adid%3D14.B23156e0c61007571%7Cpos%3Dbtf3%26amznbid%3D152vx8g%26amznp%3D1ujco3k%26amzniid%3DJCmpCPRgLQkFVaBWrclvH6EAAAGFFkpT8gEAAAJYAQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICB-0Oav%26amznsz%3D300x250%26adb_imp%3Dlzno%2C1%26adb_bdr%3Dnone%7Cpos%3Dbtf%26amznbid%3D5kbw8w%26amznp%3D1ujco3k%26amzniid%3DJE8mT0HOCu5pXO2HzVGB7bgAAAGFFkpT8gEAAAJYAQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICBrllHE%26amznsz%3D728x90%26adb_imp%3Dlzno%2C1%26adb_vs%3Dhigh%2Cblock_fl%2Cblock_std%26adb_bdr%3Dconcert%26adb_hbc%3D15.20-15.24%26adb_adid%3D3.B232b0cb82aefb366%7Camznbid%3D1vpsxz4%26amznp%3D1ujco3k%26amzniid%3DJAzfS5NUy8sYMiALwQr6XrIAAAGFFkpT8gEAAAJYAQBOL0EgICAgICAgICAgICBOL0EgICAgICAgICAgICBqj2lz%26amznsz%3D728x90%26adb_imp%3Dlzyes%2C1%26adb_bdr%3Dnone&eri=1&cust_params=section%3Dhomepage&sc=1&cookie=ID%3Dd3ff58f1df784131%3AT%3D1671116246%3AS%3DALNI_MYT8VUcZkfNFLM5hDTQ_YzRLYTzKg&gpic=UID%3D000008d4306f9484%3AT%3D1671116246%3ART%3D1671116246%3AS%3DALNI_Mblj257qty8pouUtVNBnorxCgiZAA&abxe=1&dt=1671116248688&lmt=1671115919&dlt=1671116244024&idt=886&adxs=1190%2C1350%2C150%2C150%2C1180%2C8%2C1180%2C8%2C436&adys=4367%2C4367%2C8937%2C8937%2C4577%2C4546%2C5612%2C6898%2C1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7C0&ucis=5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thetimestribune.com%2F&ref=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&frm=20&vis=1&psz=300x0%7C300x0%7C1360x714%7C1360x714%7C300x10%7C1584x42%7C300x10%7C1584x52%7C1600x-1&msz=120x0%7C120x0%7C1x-1%7C1310x0%7C300x0%7C1584x0%7C300x0%7C1584x0%7C1600x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600%2C300%2C1600%2C1600%2C1600%2C1600&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tu1sbX0sDXYSaC_YKsi-o1B5IMffk3nZCgUZpEEMHCzL8tsISuF-H-yH_qsKqK8jzhGdRswM9_G_30mjvmcI72irlafgegSalAorxw%2CACgb8tvVv7CQR7gUI7HmQoKUeWo4XJZfQdaCUyicvzlFegFHTQm3bRzAebqOTvNGcISWoKQMv9lyPPHlNAicBRfqszuP0wer7sK0A-UwfCI&ga_vid=333536868.1671116245&ga_sid=1671116247&ga_hid=1089137470&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64013cc8145a18e0c8cd0a3ae378f4d516f71c7335e5ab7f84aad5a8630b7e8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19716
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,4546508615,5485589006,-1,5485589006,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,138260249438,138407207106,-1,138407203527,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7BE1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/BZEuIP20wfjwtrDVuIm0Zsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-rP5efzdE2oK3SkG9XPC3ynXR7TJU0DR89mRhjA--~A
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-rP5efzdE2oK3SkG9XPC3ynXR7TJU0DR89mRhjA--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 15 Dec 2022 14:57:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-rP5efzdE2oK3SkG9XPC3ynXR7TJU0DR89mRhjA--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7BE1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQN0dSUjAtMjMtNEJVQw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQN0dSUjAtMjMtNEJVQw==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQN0dSUjAtMjMtNEJVQw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7BE1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1KR1oYE3SMulU9764glcow&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1KR1oYE3SMulU9764glcow
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1KR1oYE3SMulU9764glcow
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1W3FW72RX19V0BV0VB5Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1KR1oYE3SMulU9764glcow
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 7BE1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzY2NjM0ZWQwNTNlYTVlOWMxM2M3NTAzMjFjOWRhZDRkNTFkNjc3MQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzY2NjM0ZWQwNTNlYTVlOWMxM2M3NTAzMjFjOWRhZDRkNTFkNjc3MQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzY2NjM0ZWQwNTNlYTVlOWMxM2M3NTAzMjFjOWRhZDRkNTFkNjc3MQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7BE1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e063f1e7-594f-448d-9ec8-39652287366a&gdpr=0&gdpr_consent=&expires=30
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e063f1e7-594f-448d-9ec8-39652287366a&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e063f1e7-594f-448d-9ec8-39652287366a&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7BE1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XKNKYZZTKBA62VRNKATZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 7BE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO7JaJAOcDwzbSGJbOXzMq8&google_cver=1
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO7JaJAOcDwzbSGJbOXzMq8&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO7JaJAOcDwzbSGJbOXzMq8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 7BE1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBP7GRR0-23-4BUC
0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBP7GRR0-23-4BUC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:28 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 6E699F34DEE84EEF8F833CAA3DDD6B9B Ref B: EWR30EDGE1612 Ref C: 2022-12-15T14:57:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXv3xJnbBNyfZkLDJBHjA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBP7GRR0-23-4BUC
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.html
cdn.concert.io/lib/bids/ Frame 6AC1 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.concert.io/lib/bids/sync.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfcdc5bb514538c16b96948274609c06a933ee0f19dd90e3086f887a7df0e79b

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
39345
cache-control
max-age=86400
content-length
4617
content-type
text/html
date
Thu, 15 Dec 2022 14:57:28 GMT
etag
"2e249336f5d89d6f82c998cf8004a382"
last-modified
Thu, 10 Nov 2022 20:31:17 GMT
server
AmazonS3
via
1.1 varnish
x-amz-id-2
pryaFjbsTda3VPKjjmpC6hrHNR/+TFxD5iRFNAub3kMqU7MdR2cBo7dXBlJrl26vgaWsgZEVmkk=
x-amz-request-id
FR7RMRDBPJ0RGMGQ
x-cache
HIT
x-cache-hits
475
x-served-by
cache-ewr18123-EWR
x-timer
S1671116249.822469,VS0,VE0
/
adspsp.com/pt/1710310/11/3/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/11/3/?a=2,a2lbp7gr3m6SoBOGHaeY,8k8CMrwg5x&aa=01CihRyu.gN&b=0,1,2,3,4,5:0,6,,76:7,8,,8n:9,a,,85:b,c,,87:d,e,,84:f,g,,cG:h,i,,8c:j,i,,7h&b=0,1,k,l,m,5:0,n,,77:7,o,,8n:9,p,,85:2,q,,8f:2,q,,8f:d,r,,84:d,r,,84:f,s,,cG:f,t,,cG:h,u,,8c:v,w,1,cS,x,5O,y,0,0,z,,15.2,:j,A,,7h&b=0,1,B,C,D,5:0,E,,77:7,F,,8n:9,G,,85:2,q,,8f:b,H,,87:b,I,,87:d,J,,84:d,J,,84:f,K,,cG:f,L,,cG:h,M,,8c:j,M,,7h&b=0,1,N,O,P,5:0,Q,,77:7,R,,8n:9,S,,85:2,q,,8f:2,q,,8f:b,T,,87:d,U,,84:d,U,,84:f,V,,cG:h,u,,8c:v,w,1,cT,x,5O,y,0,0,W,,15.2,:j,u,,7h&b=0,1,X,Y,Z,10:0,11,,77:7,12,,8n:9,13,,85:2,q,,8f:2,q,,8f:b,14,,87:b,15,,87:d,16,,84:d,17,,84:f,18,,cG:f,19,,cG:h,1a,,8c:j,1a,,7h&bi=2,A109cf12812dc2ab7,6,U86e61d76052531f,adb_mediumRectangle_btf2_flex,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience,728106,4,540161677,5,11747857,8,4627232,10,206474,33,RdDNDHspumwjeZ0rUNnd0pI3,115,8a969412017373b5acfab636c1720056,187,14,U89f3a7d06105028,adb_leaderboard_mid,843112,540161674,12812950,6708,213819,ccVECva4DSFcmufUCsC4hRze,RhAhHL3X0jLoZaEznwQUyb71,8a969412017373b5acfab636bb140053,172,CNHI,620x366,USD,138417154843%7C35745b72-b3fc-4271-b75b-f6cb8b4efcfc,8a969d5c017e7ef9c845ff66b77e0091,7,U901242f55550ac,adb_mediumRectangle_btf3_flex,728120,540161678,11747862,4627235,4627238,206475,dud0WW7nNOo36hYmTXQelFuy,GHSbYsaobKCFcdXjiEKcq6Z3,8a969412017373b5acfab636c7530059,3,U91ae685475f98b8,adb_leaderboard_btf,728094,540161673,11747832,4627229,206471,PDDWminnzbApknGlqgkxpZCm,138417154843%7C2a1f8e46-245e-4a36-be2e-21cb1041a01f,11,U92d68c11cf20ac,adb_floorboard,%2F9869277%2Fcnhi%2Fthetimestribune%2Frichmedia,1061360,540327076,11908123,4955987,4955988,302372,302373,4toHxb5i3eKGPsfolJ10gLL8,ZKnbpUBWqDmzqbvOMugL6P14,8a969412017373b5acfab636ad1b004e&e=&c=https%3A%2F%2Fwww.thetimestribune.com%2F&d=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&f=1.lbp7gq05.1Tsx.2T252&g=2T3zr&u=4d97623f:la8xlfqr:31f&v=18g.xc.0.6yo.1.0&m=z&rnd=1671116248797
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.190.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-190-9.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
0.b1baf7dc66dcc720e7c6.css
cdn.viafoura.net/ 		87 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/0.b1baf7dc66dcc720e7c6.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f7:1000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7ba05bf1c9a7887b4032d876a6a4a12dcc739f3210b6a13ddeea309cf9bdf2d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:39:37 GMT
x-amz-version-id
8zA_NZBIu37pNFn78bzdd.1Lx94TvjfW
content-encoding
br
via
1.1 abcdd9ead509c6f31d96ed9f797fd698.cloudfront.net (CloudFront)
age
69472
x-amz-cf-pop
CMH68-P1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 14 Dec 2022 19:39:18 GMT
server
AmazonS3
etag
W/"8abeb1b7b4e7c5fe45b7b22107f6b9a6"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
ZSBknUNvRYlsL5GwwcQAjUkuW4oLyDizRafMp8FrJGbYevyQIWFt4w==
da.3dfa1e4a1e4d2aa52663.js
cdn.viafoura.net/chunks/ 		136 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/da.3dfa1e4a1e4d2aa52663.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f7:1000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
459760e603c2aad2337c143eda84cbd823ed8c841cd5fa24e27309eb9635f4e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:39:37 GMT
x-amz-version-id
mAmCWPmmhqRK6Ef32vaMBzWvknUI5yLe
content-encoding
br
via
1.1 abcdd9ead509c6f31d96ed9f797fd698.cloudfront.net (CloudFront)
age
69472
x-amz-cf-pop
CMH68-P1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 14 Dec 2022 19:39:05 GMT
server
AmazonS3
etag
W/"3c30fbcc89a470b5120fd272ab4e1598"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
NSHHsKQe3yFQ9dBGLxCqDYfL5bQbMl1vVZ9AILKM1TB7byJfY5OHqw==
167.dec51542ab77839fe7d4.css
cdn.viafoura.net/ 		1 KB
817 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/167.dec51542ab77839fe7d4.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f7:1000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78016dcf3cc0dbc404bf2d29452efa67815d24fc050d9d1203570623a8fb62e0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:39:38 GMT
x-amz-version-id
ixYXpQeHnRCUgGRKP4.AsqqvdJwKfLR8
content-encoding
br
via
1.1 abcdd9ead509c6f31d96ed9f797fd698.cloudfront.net (CloudFront)
age
69471
x-amz-cf-pop
CMH68-P1
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 14 Dec 2022 19:39:20 GMT
server
AmazonS3
etag
W/"50bce8b8e9c95dfbb4e41f65c9883f1d"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
2Ni-q26-jSAaT7Tfz3UWE_UKZJzVI14xgA3Meb81oXnZ1VIMKeWemg==
tray-trigger.2fca14b85bbb4a0e7a8f.js
cdn.viafoura.net/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/tray-trigger.2fca14b85bbb4a0e7a8f.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f7:1000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b3eaef8c0f3128fc6400031f37fbd0922f7422651b0ce1ef189e99a1a4724f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:39:38 GMT
x-amz-version-id
jraZlzgiliuISZ56lYQ0da26YI.N5VsZ
content-encoding
br
via
1.1 abcdd9ead509c6f31d96ed9f797fd698.cloudfront.net (CloudFront)
age
69471
x-amz-cf-pop
CMH68-P1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 14 Dec 2022 19:39:10 GMT
server
AmazonS3
etag
W/"756e1366397fce10c0d213981efeda9a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
rkWCNJi4Ocbc48ONOuIDYy9sApAQAV-iWN2zzauv8knGGjBOoDwHaQ==
ingest
i.viafoura.co/v3/www.thetimestribune.com/ 		67 B
398 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/www.thetimestribune.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.251.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-251-205.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thetimestribune.com
date
Thu, 15 Dec 2022 14:57:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 65FA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LBP7GRR0-23-4BUC
  • https://usersync.gumgum.com/usersync?b=mag&i=LBP7GRR0-23-4BUC
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LBP7GRR0-23-4BUC
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LBP7GRR0-23-4BUC
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
usermatch
ssum-sec.casalemedia.com/ Frame DEC7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00518e20e5bf3c9af309bf58e8c2f45b3de551f9f35aa6eeaa6dae6a6fae4e34

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77a0082c4fc18c8d-EWR
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 14:57:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFqHAgNS9BCm0Xt%2F8knZDc42iVQS6VcGHPSAlleNuU2NqK4zYzOtYjHMa61BPTew2XGBIUJQtUMM36JIBvcfRIMj9foBleO5yKEqEpe6FDfNMfyKQgqZjaHlnocAMtBg2zeWCbImOLwDaA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212056383526205
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212056383526205
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Server
34.225.32.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-32-205.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:28 GMT
referrer-policy
unsafe-url
server
33XP013
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=212056383526205
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
js.cookie.min.js
cdn.jsdelivr.net/npm/js-cookie@2/src/ Frame 6AC1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/bids/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.concert.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2947
x-jsd-version
2.2.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19143-FRA, cache-iad-kiad7000038-IAD
x-jsd-version-type
version
server
cloudflare
etag
W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xISgnGWV1GWFadmcNn6MkM3dx4COeKFOizPNhylZxWao87tce%2Flza0BxYFBlKxqYkbwIG1PgfDJhlcdL7FAK%2FcheFkzGRjo2RJTt6HEZiKquZsKbYqF9Q96JP1Ns9zNwiyV1eDHSW6txHHD3Ya8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77a0082c6a37190a-EWR
browserify-consent-string.js
cdn.concert.io/lib/bids/ Frame 6AC1 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.concert.io/lib/bids/browserify-consent-string.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/bids/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d44c04da1087e1be35a57ee5c975dc715c1aa92c31fd0233b3f7cd7014f1dcb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.concert.io/lib/bids/sync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
via
1.1 varnish
x-amz-request-id
PMWHQCV2RW5SZY6Y
age
5381808
x-cache
HIT
content-length
38796
x-amz-id-2
PwBcAreHtpkcwN9Pk9XLYuOTJ1oTzUTZ4pOQM5Dj6JTx1D3mbJ4MOXxaLI84jhEF7eTW5T5HxFs=
x-served-by
cache-ewr18123-EWR
last-modified
Wed, 13 Oct 2021 20:37:16 GMT
server
AmazonS3
x-timer
S1671116249.022277,VS0,VE0
etag
"c8cdc96a2fa10f85ee91bb03aee93132"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
222136
265CC617-1E50-470A-96B5-657054BAA8F9
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B3F4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y5s12AAEM5AzzAAF&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/pubmatic/265CC617-1E50-470A-96B5-657054BAA8F9?gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/265CC617-1E50-470A-96B5-657054BAA8F9?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:3207:2d8f:6030:21a0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
0
content-length
43
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
content-type
image/gif
date
Thu, 15 Dec 2022 14:57:29 GMT
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
referrer-policy
strict-origin-when-cross-origin
server
ATS
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

content-length
126
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 14:57:29 GMT
location
https://pr-bh.ybp.yahoo.com/sync/pubmatic/265CC617-1E50-470A-96B5-657054BAA8F9?gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
s.amazon-adsystem.com/ Frame B8FD 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=265CC617-1E50-470A-96B5-657054BAA8F9&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
RXDHPA7KWSGNNHVMBCGK
ecm3
s.amazon-adsystem.com/ Frame 0320 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID265CC617-1E50-470A-96B5-657054BAA8F9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
M2Y4GYMVM4WV3QHCZWA2
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 342D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=JlzGFx5QRwqWtWVwVLqo-Q%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
104.81.240.200 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=UTF-8
cache-control
max-age=59347
accept-ranges
bytes
content-length
5549
expires
Fri, 16 Dec 2022 07:26:36 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
bpi.rtactivate.com/tag/ Frame 342D 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.25.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-25-165.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
d3ed9399030142a7953c3ce5eb2a0d8e
i.liadm.com/s/e/75145/0/ Frame 342D
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=265CC617-1E50-470A-96B5-657054BAA8F9
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=265CC617-1E50-470A-96B5-657054BAA8F9&_li_chk=true&previous_uuid=a75688e224f54542a14a03f313722534
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F75145%2F0%2Fd3ed9399030142a7953c3ce5eb2a0d8e%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&a75688e2-24f5-4542-a14a-03f3...
  • https://i.liadm.com/s/e/75145/0/d3ed9399030142a7953c3ce5eb2a0d8e?mpid=7156&muid=25b0639b-35d8-4a00-967b-6b3a039ff7a4
43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/75145/0/d3ed9399030142a7953c3ce5eb2a0d8e?mpid=7156&muid=25b0639b-35d8-4a00-967b-6b3a039ff7a4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Server
54.175.230.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-230-119.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:29 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x55 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://i.liadm.com/s/e/75145/0/d3ed9399030142a7953c3ce5eb2a0d8e?mpid=7156&muid=25b0639b-35d8-4a00-967b-6b3a039ff7a4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 14:57:28 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 342D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=265CC617-1E50-470A-96B5-657054BAA8F9
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=265CC617-1E50-470A-96B5-657054BAA8F9
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d1eed283-136f-4d2c-a332-987d17084c78%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e063f1e7-594f-448d-9ec8-39652287366a&ttd_puid=d1eed283-136f-4d2c-a332-987d17084c78%2C
95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e063f1e7-594f-448d-9ec8-39652287366a&ttd_puid=d1eed283-136f-4d2c-a332-987d17084c78%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e063f1e7-594f-448d-9ec8-39652287366a&ttd_puid=d1eed283-136f-4d2c-a332-987d17084c78%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
353
Pug
image2.pubmatic.com/AdServer/ Frame 342D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHvoBui1QWjWSw-25zbfIKQ&google_cver=1
42 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHvoBui1QWjWSw-25zbfIKQ&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 14:57:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHvoBui1QWjWSw-25zbfIKQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 342D
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:EE7C2CD6447D4FB782121DE57AC7E703
42 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:EE7C2CD6447D4FB782121DE57AC7E703
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 14:57:27 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Thu, 15 Dec 2022 14:57:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:EE7C2CD6447D4FB782121DE57AC7E703
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Dec 2022 14:57:29 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 342D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3560567457612390603&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=265CC617-1E50-470A-96B5-657054BAA8F9&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-FeHPXtZE2uUO6DdIkCONxteiteAKnbw-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-FeHPXtZE2uUO6DdIkCONxteiteAKnbw-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-FeHPXtZE2uUO6DdIkCONxteiteAKnbw-~A&gdpr=0&gdpr_consent=
date
Thu, 15 Dec 2022 14:57:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 342D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e063f1e7-594f-448d-9ec8-39652287366a&gdpr=0&gdpr_consent=
42 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e063f1e7-594f-448d-9ec8-39652287366a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 14:57:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e063f1e7-594f-448d-9ec8-39652287366a&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
crum
dsum-sec.casalemedia.com/ Frame DEC7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5s12O09IR-LnG.t1VrL1AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJIEes5Fjegdd7mdai2aZts&google_cver=1&google_hm=2
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJIEes5Fjegdd7mdai2aZts&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJIEes5Fjegdd7mdai2aZts&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame DEC7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHvhFPrNa6kwg8NvtLPoyeE&google_cver=1
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHvhFPrNa6kwg8NvtLPoyeE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrMgFsmtB4ih1QPRn0RX4Ugy8AruShKM9%2BMqSHt31gC2zGnI7nrCFoAQPpBfWMQ%2BgKvTduggt1aRNipdgjaopu9KKeHpfy0BgeV2ibSrzk9aho6p8Agk4s6raRzj6T1ChQjxVso30cKiRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77a0082d29828c8d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHvhFPrNa6kwg8NvtLPoyeE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame DEC7 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T2SZDSY216426Y9970XK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DEC7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e063f1e7-594f-448d-9ec8-39652287366a&expiration=1673708249&gdpr=0&gdpr_consent=
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e063f1e7-594f-448d-9ec8-39652287366a&expiration=1673708249&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e063f1e7-594f-448d-9ec8-39652287366a&expiration=1673708249&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
rum
dsum-sec.casalemedia.com/ Frame DEC7
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=Y5s12O09IR-LnG.t1VrL1AAA%26145
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=2758f9db-1344-4582-bf8a-b64f0a6d0533-tucta94bb59
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=2758f9db-1344-4582-bf8a-b64f0a6d0533-tucta94bb59
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=2758f9db-1344-4582-bf8a-b64f0a6d0533-tucta94bb59
date
Thu, 15 Dec 2022 14:57:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
2662
crum
dsum-sec.casalemedia.com/ Frame DEC7
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=087e220400fa0a38ee1fd5d2&expiration=[EXPIRATION]
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=087e220400fa0a38ee1fd5d2&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=087e220400fa0a38ee1fd5d2&expiration=[EXPIRATION]
Date
Thu, 15 Dec 2022 14:57:29 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DEC7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a02:3207:2d8f:6030:21a0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB
date
Thu, 15 Dec 2022 14:57:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame DEC7
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686841049&external_user_id=cae6d776-fd5e-4c4d-a948-0aa0c085a0da
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686841049&external_user_id=cae6d776-fd5e-4c4d-a948-0aa0c085a0da
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 14:57:29 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1686841049&external_user_id=cae6d776-fd5e-4c4d-a948-0aa0c085a0da
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
htw-pixel.gif
cdn.indexww.com/ht/ Frame DEC7 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5s12O09IR-LnG.t1VrL1AAA%26145
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
59361
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77a0082d5d128c89-EWR
content-length
43
expires
Fri, 16 Dec 2022 14:57:29 GMT
pd
us-u.openx.net/w/1.0/ Frame 5136 		1 KB
675 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ba7fe154ebeb81b67989350855db8fd8b9fada6ac40bb4fcacf5996929dc9165

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
656
content-type
text/html
date
Thu, 15 Dec 2022 14:57:29 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
ups.analytics.yahoo.com/ups/58294/ Frame 5136 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=ec62879f-c8c8-01a5-2650-153233e26f5d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame 5136
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=97607b70-dde5-0d8c-2a0e-54cb9ddafaec
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=97607b70-dde5-0d8c-2a0e-54cb9ddafaec
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=97607b70-dde5-0d8c-2a0e-54cb9ddafaec
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=97607b70-dde5-0d8c-2a0e-54cb9ddafaec
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 5136
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=57988376775515890
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=57988376775515890
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
AN-X-Request-Uuid
c24a8411-7fad-4c6a-ae3e-b6f8962e5480
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=57988376775515890
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5136 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=9a70786b-0c08-8016-b579-56afcc7250d4
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M1VGEP9VKC46JZDDJF3D
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5136
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3560567457612390603&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3560567457612390603&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3560567457612390603&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 5136
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5s12AAEM5AzzAAF
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5s12AAEM5AzzAAF
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-ewr18123-EWR
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671116249.224033,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y5s12AAEM5AzzAAF
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
56616252-800e-a9a5-44a0-c2cd5b16567d
pr-bh.ybp.yahoo.com/sync/openx/ Frame 5136 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/56616252-800e-a9a5-44a0-c2cd5b16567d?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:3207:2d8f:6030:21a0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 5136
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=c2a60416-10a2-3bec-7577-d438a4419b34&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e063f1e7-594f-448d-9ec8-39652287366a&ttd_puid=c2a60416-10a2-3bec-7577-d438a4419b34&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e063f1e7-594f-448d-9ec8-39652287366a&ttd_puid=c2a60416-10a2-3bec-7577-d438a4419b34&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e063f1e7-594f-448d-9ec8-39652287366a&ttd_puid=c2a60416-10a2-3bec-7577-d438a4419b34&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 5136 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWVjOWQ3ZGMtZDlkNS02NTQ4LTYwOTctOGU4MTZlYTM1NTU0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5136
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECI9OFGjn5IqFyVunUEi2tc&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECI9OFGjn5IqFyVunUEi2tc&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECI9OFGjn5IqFyVunUEi2tc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame ED96 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
274
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77a0082d4a5f8ce8-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 14:57:29 GMT
expires
Thu, 15 Dec 2022 18:57:29 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
_pdfps
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/ Frame 6AC1 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/bids/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.222.173 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
173.222.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.concert.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
via
1.1 google
server
nginx
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://cdn.concert.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
adspsp.com/pt/1710310/15/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/15/2/?a=2,a2lbp7gr3m6SoBOGHaeY,8k8CMrwg5x&aa=01CihRyu.gN&b=1:1,4,U47ec49b6d6c842,adb_mediumRectangle_atf,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.thetimestribune.com%2F&d=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&f=1.lbp7gq05.1Tsx.2T252&g=2T4b9&u=4d97623f:la8xlfqr:31f&v=18g.xc.0.6zq.1.0&m=z&zi=adb_leaderboard_atf,totalaudience,2,U21552b65fefb36,adb_mediumRectangle_atf,4,U47ec49b6d6c842&z=0,1,2,3:1,1,ax,44c.0,k,007z,b7,44c.0,k,0088,f1,44c.0,k,090_1360x20_k.3l.1zo_1&z=4,1,5,6:1,1,b6,499.0,k,0088,b7,499.0,k,0088,f1,499.0,k,090_2_k.3l.1zo_1&rnd=1671116249210
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.190.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-190-9.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 91A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvI02aQ7S8CwsUAbWRtRvL5z0Sh7MppmFilMl0ODXRm2jWe44UICZIq-02ZI2QgWKmTmT_RpRI_BDwKDVqGlIHGp_hqBS_kXiXKxOEzyqNv55TD7Ldiyiwj55jLP3pn6kP9OCZ-uEwa6ISvy04llc0zY5_dbx34TE5CpI4KILcLwp5l2rkfETa01Dj3Hoeu7vE1cCJ6Q2LV6skuEAMzXbliG0r9jL2tiGDPqd-uDw40h70lZytflqQ_hF0b_Cf7JRgASv1urZNKkF_cU55kfXhK9s7X1KltgdHRV0eHiInkPhOx8sDA1U21jw3Fh87YurdiyUZH4T3rNtUhOqB-qS_6lcE500n69u6tH7SNRiTqzPDUs74HGMZd_sEqkg&sai=AMfl-YQT8Pt03C_6RqvpBNsDZQWdJqkJWxYZEdQU05oQhxcWNkbbVEDLWEky981WcuFMpBYEzNy4ItLnDc3HkwQO0r0ITaFjDFTgPSEkzf2HhhGhacyBrjRrYwoXTDhEiGgdYQ&sig=Cg0ArKJSzIOvably9VzQEAE&uach_m=[UACH]&adurl=
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 91A1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:15:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
63740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:15:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 91A1 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 14:57:29 GMT
6515262723969441314
tpc.googlesyndication.com/simgad/ Frame 91A1 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6515262723969441314
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a41bd7159c8860f14829ed9beb02a24e7946983e5ab1ab81bf8924e87b341561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 01:58:37 GMT
x-content-type-options
nosniff
age
392332
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110929
x-xss-protection
0
last-modified
Sat, 16 Feb 2019 22:37:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 11 Dec 2023 01:58:37 GMT
l
www.google.com/ads/measurement/ Frame 91A1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxS-f9pp1TuQltrDKYeSLuxOKrbGtqJwyECkcqBMB6NxPKqpE8Zl3Liad_2SS2F7JH0RSUQt7Ld9y08cVatsmIVfjr0A
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 5E80 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh7oIcqdUFIyBIK8aSYwKP5jgXyF_PvtIJrAElj7hId427Gxh2tLB4JJk8T98V8_qYJUk4kTKjpChzzJRdicjuZ-ymr-XaxDd6Ljng5cc3GRoTmys89pPd9loxmF2MopArdxaR3-aKqR392HPcObJotk4NZR7-Gyjqx41Q2Btqt3PswG3GQJSMXXPjxVyl8UZ3jRNx20f4K_gOGas1QabpianzhD79o8Pr4B3Fx5ibpl73k4dEoF3nMDQnZ4In7J7Li9-AJGZuwIQiFnu9bon2goVJv1234H3WnZKXQjx-SKNdlL2XCdE1rDV3y335x2n96YygevACsZjbvEgsgJZQyQ_wD6kTJquCimE4ksE&sai=AMfl-YTOpS1Bd7Jr1bKIkKzZrc7kFlHNoy4XZ4BaK6RdGj3zqRLihgOML189jwcwO5xS0cBTgh9Xs0Q2McAfoqGFtydjx13XN79LNp2Z8aRR-oFtXTFR-byLmuMMkpiruxF5Pw&sig=Cg0ArKJSzNFzIIMnHTBzEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adb_pbuc.js
prod.adspsp.com/ Frame 5E80 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.adspsp.com/adb_pbuc.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-99.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
301650f635e6a3a92b8ecf8855f8bd3376411498d873718317ecb24e4b5358ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 14:42:27 GMT
Content-Encoding
gzip
Via
1.1 401725c701b46e52c0591a613c644c8e.cloudfront.net (CloudFront)
Last-Modified
Mon, 19 Apr 2021 20:47:16 GMT
Server
AmazonS3
X-Amz-Cf-Pop
CMH68-P1
Age
1469702
ETag
W/"4119a6d0349484020e4f6d3aece5c652"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=2592000
Connection
keep-alive
X-Amz-Cf-Id
hh-CA2Q-5AWo3r8wRTRKWLn52lSKUZbJdZVhdxs5o8DXiaS6LFztsQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5E80 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 14:57:29 GMT
container.html
6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 97EA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 14:57:26 GMT
expires
Fri, 15 Dec 2023 14:57:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2F07 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6eEA6RLc448qP-rIDT2wV53YFLw8jPkOVu1Fd_7ub2sgXYBYBg6_w5KU5SwR9B6T5RWcGRGbv4UNJ5vWPNIqEFDS22gBKSsWojewsVXCrJ6PvL9IdKmrIkfa8yLEbvYafRKeR25z6-pr_2ur6aegfQT-Vwh6jlB2V6a8kRTHNYaNNYRZ7br-Jj7TFaxMnYD53LGMSTks9dX2R0m3TKji4gsGdv09E7R79WwJaRQ1_u9tustRmJABc_NJni_U9mU-nabFnnB6fefBhbkt3EN7WK5boBiOJoRsmx3ADGF9739g_kem7VAGnw7gcr22mxzjJ3VY2H4LFq1EMWpgq0tzhdtz5pNs35orFq-7iP0s&sai=AMfl-YRU0ypmwdUgyrwQOKIHy3vTvXovsFDnKiSBHKYrGMpkZoE4By3AiJxNeShknQPtDoYHC4fYvjQrOwvoDUUNcpwgxfH7tnc4tOO7KP44absZk3XBZL4Tk5Rho82wFBDaNg&sig=Cg0ArKJSzC2iLXR02IHoEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adb_pbuc.js
prod.adspsp.com/ Frame 2F07 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.adspsp.com/adb_pbuc.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-99.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
301650f635e6a3a92b8ecf8855f8bd3376411498d873718317ecb24e4b5358ce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 14:42:27 GMT
Content-Encoding
gzip
Via
1.1 401725c701b46e52c0591a613c644c8e.cloudfront.net (CloudFront)
Last-Modified
Mon, 19 Apr 2021 20:47:16 GMT
Server
AmazonS3
X-Amz-Cf-Pop
CMH68-P1
Age
1469702
ETag
W/"4119a6d0349484020e4f6d3aece5c652"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=2592000
Connection
keep-alive
X-Amz-Cf-Id
1DJXbuSzO_vLdW7RrCMtaz2cTBv1tUEX9kHsdWMEYkld6TeeOm1zmQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F07 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 14:57:29 GMT
truncated
/ Frame 91A1 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1b6eb8437fad9436f32d7af5533e5e259901cf66d569ccc3b56e9bfc1db6fdd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
content-module-js.736f07c5831f540458c3.js
cdn.viafoura.net/chunks/vuex_store/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content-module-js.736f07c5831f540458c3.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:24f7:1000:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b145e77cb29d4743a5beb0959604f57f19ae1bf34f3f250e8cab3ee38dc82d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:39:37 GMT
x-amz-version-id
mNo._6Z_pvwfmFC2wVk7ucsWjdJlI_l6
content-encoding
br
via
1.1 abcdd9ead509c6f31d96ed9f797fd698.cloudfront.net (CloudFront)
age
69473
x-amz-cf-pop
CMH68-P1
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 14 Dec 2022 19:39:04 GMT
server
AmazonS3
etag
W/"197bc8b45d4094c815462f119fd0a53b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
ynLZz8tIyWna_On0CcOygBKK-jHUunBRG_DPV6uLX78XGvpLOgO-Jw==
activeview
pagead2.googlesyndication.com/pcs/ Frame A419 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYOBxYkOm__-fd59dkpHAAk3dexKsnZLvaOj4LfePAX5XOpcOB3LMOzIu2x-5XmBHLt3KBTvKNjLDuS_Cg9U2x7k5cE-zOpu9d0Y49JB96HTwIt_Cv&sig=Cg0ArKJSzNt-rj0oLKiyEAE&id=lidar2&mcvt=1094&p=334,1180,584,1480&mtos=1094,1094,1094,1094,1094&tos=1094,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2018067250&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671116247627&rpt=647&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CD2A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d74ba02d83d6d3127ed46021227e625e2e097c5aecb097a183e9a07a03104d76

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77a0082edcb58c8d-EWR
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 14:57:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1ZPoTKv5d9DdvUyo0w1AIuv0BTGpyJwBoirpLPtLyQjFSlC1c6C5YeDSH1up8Eh2AdRAWFzGvDaC1o2pQr%2F5tJsXEMJGziyot9IWhjGu3tq1YQREJnVsuqWSyJ16LO72r4xE%2Bpf7CQu1A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adview
securepubads.g.doubleclick.net/pagead/ Frame 97EA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDdVW2DWbY4ikMYqZoPwPup-tgAKU6Z70XJWosJVkwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzMyNzY2MjQwODMwMzE1NsgBCeACAKgDAaoErQJP0JmYLwApV9UMllBr1gSm-zmAdnGBk3C8OnkIjLNxj89qbh0sVuUTlmZcBC-zcD7nt61uSvBWikLVq61Mp3PcS8gzswa2FfQmZgiRzloPK9DI3c4367NF_-yqTd_BaqVhab3wBdFlfvoK7QU33A4s3f0WxzXtoi6IMkrvJ4ZvlsDO6U9uRb3RopVKi7kR1B8VRb1HwsKSjnKiBJs1KPnQ9oRR19HknktqqNrpJMnXbLP0nagFWJ8E4F0ULWOj80DU5HNNpY4mrz3p4KELj_ui0DY_9rb1TQPHVj2f-IAJVRROWsjgde0Y0zJybY5Xemo-4V1MqC6A6q5D9C2tJh00p4yr8k_y2zFZYoKAfSDxJjKpvDG2-wkyKKu6pcfaodD-bwPnJ5CIJ20aFH5A4AQBgAaG3a-654KsgHOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03MzI3NjYyNDA4MzAzMTU2GOWLEQ&sigh=_CVpG2Xz2I8&uach_m=[UACH]&cid=CAQSPADq26N9DSoopwWH-5wMmI1cIxqq_HneUx9VJ7g-qXVQVMJsAS8yuT8zpBRu6uuTt3TyC6GO4NPspTFrEhgBIBM
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
creative
aax-us-east.amazon-adsystem.com/e/ax/ Frame 107C 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/e/ax/creative?b=JFqUDIn18a-aDX5gCZNfFawAAAGFFkpXrgEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB&c=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrIb12DWbY4ikMYqZoPwPup-tgAKU6Z70XJWosJVkwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzMyNzY2MjQwODMwMzE1NsgBCeACAKgDAaoEsAJP0JmYLwApV9UMllBr1gSm-zmAdnGBk3C8OnkIjLNxj89qbh0sVuUTlmZcBC-zcD7nt61uSvBWikLVq61Mp3PcS8gzswa2FfQmZgiRzloPK9DI3c4367NF_-yqTd_BaqVhab3wBdFlfvoK7QU33A4s3f0WxzXtoi6IMkrvJ4ZvlsDO6U9uRb3RopVKi7kR1B8VRb1HwsKSjnKiBJs1KPnQ9oRR19HknktqqNrpJMnXbLP0nagFWJ8E4F0ULWOj80DU5HNNpY4mrz3p4KELj_ui0DY_9rb1TQPHVj2f-IAJVRROWsjgde0Y0zJybY5Xemo-4V1MqC6A6q5D9C2tJh00p4yr8k_y2zEbYKIS4rllWps9lpIM5a6g9JeSrOnCamVccaR_8o6kP_CnmALpK_GX4AQBgAaG3a-654KsgHOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qMt6Nnb4G9pMr5nhTXyZrBXSAPQ%26client%3Dca-pub-7327662408303156%26adurl%3D&w=Y5s12AAMUggJiAyKAAtPuio1zHxmw8Nk9Ktq2w&s=300x600&bcv=1&bc=cLHUQlZen.NLoIERIw5eV8kQdC.pj8s6R.tkhsH9VIOlaAY6I.aNpDI8Hu1tGgUCjFSKfA4tFqBxCvf8WW4MER1MQZ81Uo4MmXBz52LfJDG-wf9RO2zlNsCt6AsIC9vIDVNATtd0qFkm2t7J5cITLzIRVHeZllOVdPaPrkeatz.DuVwzXqAk3qMnrHMhLT0AWmqjy1z1Zsr5bz5GlDpV9bqmixuM85dqgNy-v4vcWaVfNRJ8URfXHBywVoCFOFQipelbz8b.aawhVHtc5xIaTgKYuGSMVUBTqz-HNpAnX2nIeAmZ0RUGvTVtHkwVPfZand8s95Rsg3htDsZ6xQbbXqDDjUozI2A2SHBGiOQDQTKm4ZVjeSjSBrErfkZQaU9FBG17YQXIi2H06d15CX2R8XO5xgvrMvmXbxgYoH4on7B-F59VS1gf3IsdUKbpiCtIIU8-WtdjeWo2O1Kqixxhm4WDzisLkUklHXjthuRUIAD-7pl1pO1BkQZra-zWuceeZl2Kx.SL4fypoMsRwOsbIsHEROaGhp8wNtVdoV001R9ua7BokuPmd7d0ReAYKCUwB02J-0pApiN0gQNLabEM7vn31fGJw4V4Kz1iriSCYokKIGaBiPrsox82w5byI7Bg
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
955048e735d70910b09573a2cd2a338e328f56a402836203915811809a755b79
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
6048
Content-Type
text/html;charset=UTF-8
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SWFH1M4RG72DFRQT53XQ
iu3
s.amazon-adsystem.com/ Frame B9AF 		64 B
895 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?d=doubleclick.net&cb=237171
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f17fe415b91a13ea86b93344389e18c996384323ca3c2f4267b18c96b8314a12
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
64
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 15 Dec 2022 14:57:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
1K4DSTNTQZF1EQ24436G
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 97EA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:15:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
63740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:15:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 15F5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
38068
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 04:23:01 GMT
etag
48472445140208031
expires
Fri, 16 Dec 2022 04:23:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 97EA 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:12:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
63873
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:12:56 GMT
l
www.google.com/ads/measurement/ Frame 97EA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRR8Z9EITsT_kOBm3VuSVP2whOjozxNiEPQtTC2nk6t27Ownd69w5KwsG_hrrtMgnBnakjUB02IgmdhKuOFQDLAdEobnA
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 97EA 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:15:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
63730
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Dec 2023 21:15:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 97EA 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 14:57:29 GMT
ad.js
hymnal-prod.vox-cdn.com/ads/netflix_1014284_1_branded_content_concert_branded_content_cpv_athena_netflix_bardo_branded_media_asset_immersion_dsk_350179673_90b493bf-ede3-4e64-89e9-78ce1b3c49d9/ Frame 5E80 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hymnal-prod.vox-cdn.com/ads/netflix_1014284_1_branded_content_concert_branded_content_cpv_athena_netflix_bardo_branded_media_asset_immersion_dsk_350179673_90b493bf-ede3-4e64-89e9-78ce1b3c49d9/ad.js
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11ac8a2727b3881d0e0330643bbb36f9e5592206d310d557055228b850af29d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
95KZ8Z6R73BCSBQM
age
3449
x-cache
HIT
x-amz-meta-surrogate-control
public, max-age=2592000, stale-if-error=86400, stale-while-revalidate=30
x-amz-meta-surrogate-key
ad.js
content-length
6088
x-amz-id-2
AA+NBniyZ+uG243HZh2moYdgQrW7B8kVhpoerTD1pTY3T76sSiyPrqOfBltSbwG2OA37ShNzIZw=
x-served-by
cache-ewr18130-EWR
last-modified
Wed, 14 Dec 2022 20:42:26 GMT
server
AmazonS3
x-timer
S1671116250.501304,VS0,VE0
etag
"559d4bee211e89f46324c07197a05a2e"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
168
pixel.gif
usersync.samplicio.us/vox/ Frame 5E80 		35 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.samplicio.us/vox/pixel.gif?id=212d9cbcfb504c2b6605b0f448d5fa9ba94b35bab1af7279d10ceb798ad74187
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.91.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-91-195.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
nginx/1.20.0
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
35
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5E80 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0ay2SAVXUru7v193pDDp3gFAfpMDsQvyB0OEcM-r93k8lfWETmd4jO_BtlYYVYQ70iGw2mNP-txH3eYgaDUjcFOna4twc0g3PhgFHfGcDuNdjPnAFe41BzAyr-3HQQ2lgxYdxHv_WanrV6IoXBRxVRYSYeFF2Tv8akpxAiTR6kIF0j2DH1pElJCp65d3O8JO34k2Le5kSRYU3tkhFvT2GZa8qlrOH_VD6-OanuqTePCefvEYUa3wZgZt1wuE3s0NX7_GFNlnJkNtmFM6AnWlB2GsHhtZjp3bu9-mPPnoHPyYsGR5wv1jI-2nQ7gXKIHuhUl-qvXCnRaYjIHSvDQ&sai=AMfl-YTX8AcClmW6e95Spg4ol3XjRDGu5TAD7RYAEJhf9JJCWkrD9d7cqxjol9gTKXiON4VnEiz0Mm4UrTbtThoC39evh1XXAdhla033qf_Zp3JdA9tVrQPAnOhP&sig=Cg0ArKJSzCOldjpQkMB2EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
moatad.js
z.moatads.com/voxcustomdfp152282307853/ Frame 5E80 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/voxcustomdfp152282307853/moatad.js
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9a4c4704d298180a33b96a8885a8fdf00839321d70b5bc698c55cb13839f34ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 17:37:20 GMT
server
AmazonS3
x-amz-request-id
6QT2QHBP66P5Y22E
etag
"fb689c8f9fdb1cfe842cc5a3c809213c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=60212
accept-ranges
bytes
content-length
4650
x-amz-id-2
/R+DrhiwU/N+bnUXzZvJ66k3aR4mHGYlYVCIMOeD9kDCG30ebNQe5AoHijkTUuQuQ+lkX8jaP31rgb8Spm+YMg==
ad.js
hymnal-prod.vox-cdn.com/ads/netflix_1014284_1_branded_content_concert_branded_content_cpv_athena_netflix_bardo_branded_media_asset_immersion_dsk_350179673_90b493bf-ede3-4e64-89e9-78ce1b3c49d9/ Frame 2F07 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hymnal-prod.vox-cdn.com/ads/netflix_1014284_1_branded_content_concert_branded_content_cpv_athena_netflix_bardo_branded_media_asset_immersion_dsk_350179673_90b493bf-ede3-4e64-89e9-78ce1b3c49d9/ad.js
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11ac8a2727b3881d0e0330643bbb36f9e5592206d310d557055228b850af29d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
95KZ8Z6R73BCSBQM
age
3449
x-cache
HIT
x-amz-meta-surrogate-control
public, max-age=2592000, stale-if-error=86400, stale-while-revalidate=30
x-amz-meta-surrogate-key
ad.js
content-length
6088
x-amz-id-2
AA+NBniyZ+uG243HZh2moYdgQrW7B8kVhpoerTD1pTY3T76sSiyPrqOfBltSbwG2OA37ShNzIZw=
x-served-by
cache-ewr18130-EWR
last-modified
Wed, 14 Dec 2022 20:42:26 GMT
server
AmazonS3
x-timer
S1671116250.501267,VS0,VE0
etag
"559d4bee211e89f46324c07197a05a2e"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
168
pixel.gif
usersync.samplicio.us/vox/ Frame 2F07 		35 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.samplicio.us/vox/pixel.gif?id=212d9cbcfb504c2b6605b0f448d5fa9ba94b35bab1af7279d10ceb798ad74187
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.91.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-153-91-195.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
nginx/1.20.0
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
35
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2F07 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDDnIkjBty-isBhkGKZGqC4dHKVVRe_v_19qxA8L-bJlQy1NzI_eydbBL6XLmvJNBdX57AHFbDXpTvLWxaAn-E7oMGTed6OgUlTCBdR_IjTxO_dd_kIJogwD6rqDyTXybm32GGvvikPaenq44ENHU3BYLzwPlUOXsESxLpTNSUkyCKaSRfXVt8YCaaMd4ORT89I-t9vaGnGHpNQ7HX7MZ2-pXXqzY_iUMpAHfK8gwIu4izVugfNfp2PtYwNuXdbV54_syt9VuiPMqFRNL4UMpe9C8yIYdaNCWDdMojQpnrsyo5_T7oX7kMPohRz_X7JPVt-J4FrliRVFVya78DvA&sai=AMfl-YQ-QDIBTdfqYFJhMDp7ytMV4vVwNjMLz28SjrdMQZpiK0MbeYSp4id3n6QmD4XQquiYRRL_rUV-E3IgTr6eY9m1wIP7sDhy1AMhpD0CIhf_IoRd31KLFiSE&sig=Cg0ArKJSzD8fUX6J3ZeEEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
moatad.js
z.moatads.com/voxcustomdfp152282307853/ Frame 2F07 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/voxcustomdfp152282307853/moatad.js
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9a4c4704d298180a33b96a8885a8fdf00839321d70b5bc698c55cb13839f34ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 17:37:20 GMT
server
AmazonS3
x-amz-request-id
6QT2QHBP66P5Y22E
etag
"fb689c8f9fdb1cfe842cc5a3c809213c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=60212
accept-ranges
bytes
content-length
4650
x-amz-id-2
/R+DrhiwU/N+bnUXzZvJ66k3aR4mHGYlYVCIMOeD9kDCG30ebNQe5AoHijkTUuQuQ+lkX8jaP31rgb8Spm+YMg==
/
adspsp.com/pt/1710310/12/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/12/2/?a=2,a2lbp7gr3m6SoBOGHaeY,8k8CMrwg5x&aa=01CihRyu.gN&b=2:2,11,0,0,0,true,0,,0,0,U92d68c11cf20ac,adb_floorboard,%2F9869277%2Fcnhi%2Fthetimestribune%2Frichmedia&b=2:2,6,22h8pxy,10rpxnh,1rikkz8e,,236vghz,8c`6y,1rikkz8e,236vghz,U86e61d76052531f,adb_mediumRectangle_btf2_flex,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&b=2:2,14,20svrvh,19hscjr,1rl02shu,,2ipz7ke,1`1,1rl02shu,2ipz7ke,U89f3a7d06105028,adb_leaderboard_mid,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&b=2:2,7,8601h,1w5b85,0,,0,8c`go,byautot,uhzxh,U901242f55550ac,adb_mediumRectangle_btf3_flex,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&b=2:2,3,20svrvh,19hscjr,1rl02pqf,,2ipz7ke,1`1,1rl02pqf,2ipz7ke,U91ae685475f98b8,adb_leaderboard_btf,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience&e=&c=https%3A%2F%2Fwww.thetimestribune.com%2F&d=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&f=1.lbp7gq05.1Tsx.2T252&g=2T4j0&u=4d97623f:la8xlfqr:31f&v=18g.xc.0.7k2.1.0&m=z&zi=adb_button_btf1,weatherhousead,0,adb_button_btf2,adb_large-video,largevideoplayer,adb_reveal,reveal,adb_floorboard,richmedia,11,U92d68c11cf20ac,adb_mediumRectangle_btf2_flex,totalaudience,6,U86e61d76052531f,adb_leaderboard_mid,14,U89f3a7d06105028,adb_mediumRectangle_btf3_flex,7,U901242f55550ac,adb_leaderboard_btf,3,U91ae685475f98b8&z=0,1,2,2:.,1,120x0,fl,23ec.0,2h0,09c&z=3,1,2,2:.,1,120x0,fl,23ec.0,2h0,09c&z=4,5,2,2:.,1,1x1,fl,26xb.0,5zz,09c&z=6,7,2,2:.,1,1310x0,fl,26xb.0,5zz,09c&z=8,9,a,b:.,1,1600x90,fl,4uu.0,k,09c&z=c,d,e,f:.,1,2,fr,23kq.0,2ne,09j&z=g,d,h,i:.,1,1584x20,fr,23jb.0,2lz,09j&z=j,d,k,l:.,1,3,fr,24di.0,3g6,09j&z=m,d,n,o:.,1,1584x20,fr,25d7.0,4fv,09j&rnd=1671116249489
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.190.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-190-9.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
crum
dsum-sec.casalemedia.com/ Frame CD2A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5s12O09IR-LnG.t1VrL1AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJIEes5Fjegdd7mdai2aZts&google_cver=1&google_hm=2
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJIEes5Fjegdd7mdai2aZts&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJIEes5Fjegdd7mdai2aZts&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CD2A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e063f1e7-594f-448d-9ec8-39652287366a&expiration=1673708249&gdpr=0&gdpr_consent=
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e063f1e7-594f-448d-9ec8-39652287366a&expiration=1673708249&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e063f1e7-594f-448d-9ec8-39652287366a&expiration=1673708249&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame CD2A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
79ZGWP2WSDXSN9HF6TQJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CD2A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHvhFPrNa6kwg8NvtLPoyeE&google_cver=1
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHvhFPrNa6kwg8NvtLPoyeE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykl0Lj933sGk8Sjg1fdkgt950VPC07YZ1vkVLnJnbOzYF5sVAnFltvVBmlqZ4Va3E7Z%2BnAPKKDqAMLzQrKhllXUurU6VktefXeiGv2ORmcjwgNhKcArGGsh21%2FKXp1jfoRdWbcW0UdWXpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77a00830a8958c8d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEHvhFPrNa6kwg8NvtLPoyeE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CD2A
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=67af2790-34b1-43a0-ae7e-7a74344429af&expiration=1702652249
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=67af2790-34b1-43a0-ae7e-7a74344429af&expiration=1702652249
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=67af2790-34b1-43a0-ae7e-7a74344429af&expiration=1702652249
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame CD2A
Redirect Chain
  • https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=MWRlYmRjZWNkNThjNzU2NTM0ZjlkZmZmODgzMDA3ODU&expiration=1702652249
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=MWRlYmRjZWNkNThjNzU2NTM0ZjlkZmZmODgzMDA3ODU&expiration=1702652249
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=MWRlYmRjZWNkNThjNzU2NTM0ZjlkZmZmODgzMDA3ODU&expiration=1702652249
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.0
content-length
140
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
crum
dsum-sec.casalemedia.com/ Frame CD2A
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=EE7C2CD6447D4FB782121DE57AC7E703
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=EE7C2CD6447D4FB782121DE57AC7E703
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 14:57:29 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=EE7C2CD6447D4FB782121DE57AC7E703
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Dec 2022 14:57:29 GMT
crum
dsum-sec.casalemedia.com/ Frame CD2A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAtHk7HNmwAACIa0xycww&expiration=1672325849
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAtHk7HNmwAACIa0xycww&expiration=1672325849
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAtHk7HNmwAACIa0xycww&expiration=1672325849
Date
Thu, 15 Dec 2022 14:57:29 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame CD2A 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5s12O09IR-LnG.t1VrL1AAA%26145
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
59361
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77a0082feae68c89-EWR
content-length
43
expires
Fri, 16 Dec 2022 14:57:29 GMT
all
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-c70c7f85b908/ 		36 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-c70c7f85b908/all
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.251.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-251-205.compute-1.amazonaws.com
Software
/
Resource Hash
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.thetimestribune.com
date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
59
content-type
application/json; charset=utf-8
view
securepubads.g.doubleclick.net/pcs/ Frame 91A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRpTu3LE53vnpSMpy7auRPQOOleA-tJv97T9em9RduCH1m9odJGoYHHX2OGROWmQdZ5k7bniiTldnpHtlql1PxJUT9QITCLcoA2cK8_KB-RiRmS7fFPjA8cG8klILs3M4xicIA_XkrsS156G1JFJcAVuPvqhWvF2W-Pd9okCZlBkQDjU-w45c0gD3KTHJehg88j4NWLIxKYVzihbtZhY_MvgbFcVT53Oy03AgKshww91KoYJvI8vu6D_ZsHHEVQuSK6a8Org2o6tOYk_sUJ81enRWSk2UEcCcQX88FvZXaOw9fx0aAq_GW1SyPzR5hWG7_lq-7ehaRzM2Hio2KSVkF6jymBRxhhjdZ0xGTNR4RIw&sai=AMfl-YTOclhbICs3KREDasTBIIcHWnTyNJgWny4el7uVtAbh6oZ0LamM4pzmwVLxRqY9cPiFkF4ifveTupW4h70FqearZJyF9Wy2UnzBvI1z7v-XLmPUzlWMHvo1_xPA9qj5LA&sig=Cg0ArKJSzPN4955vlZHaEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 14:57:29 GMT
3670e697-f8de-4186-8f7a-94813c840971.jpg
m.media-amazon.com/images/S/al-na-9d5791cf-3faf/ Frame 107C 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/S/al-na-9d5791cf-3faf/3670e697-f8de-4186-8f7a-94813c840971.jpg
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/ax/creative?b=JFqUDIn18a-aDX5gCZNfFawAAAGFFkpXrgEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB&c=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrIb12DWbY4ikMYqZoPwPup-tgAKU6Z70XJWosJVkwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzMyNzY2MjQwODMwMzE1NsgBCeACAKgDAaoEsAJP0JmYLwApV9UMllBr1gSm-zmAdnGBk3C8OnkIjLNxj89qbh0sVuUTlmZcBC-zcD7nt61uSvBWikLVq61Mp3PcS8gzswa2FfQmZgiRzloPK9DI3c4367NF_-yqTd_BaqVhab3wBdFlfvoK7QU33A4s3f0WxzXtoi6IMkrvJ4ZvlsDO6U9uRb3RopVKi7kR1B8VRb1HwsKSjnKiBJs1KPnQ9oRR19HknktqqNrpJMnXbLP0nagFWJ8E4F0ULWOj80DU5HNNpY4mrz3p4KELj_ui0DY_9rb1TQPHVj2f-IAJVRROWsjgde0Y0zJybY5Xemo-4V1MqC6A6q5D9C2tJh00p4yr8k_y2zEbYKIS4rllWps9lpIM5a6g9JeSrOnCamVccaR_8o6kP_CnmALpK_GX4AQBgAaG3a-654KsgHOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qMt6Nnb4G9pMr5nhTXyZrBXSAPQ%26client%3Dca-pub-7327662408303156%26adurl%3D&w=Y5s12AAMUggJiAyKAAtPuio1zHxmw8Nk9Ktq2w&s=300x600&bcv=1&bc=cLHUQlZen.NLoIERIw5eV8kQdC.pj8s6R.tkhsH9VIOlaAY6I.aNpDI8Hu1tGgUCjFSKfA4tFqBxCvf8WW4MER1MQZ81Uo4MmXBz52LfJDG-wf9RO2zlNsCt6AsIC9vIDVNATtd0qFkm2t7J5cITLzIRVHeZllOVdPaPrkeatz.DuVwzXqAk3qMnrHMhLT0AWmqjy1z1Zsr5bz5GlDpV9bqmixuM85dqgNy-v4vcWaVfNRJ8URfXHBywVoCFOFQipelbz8b.aawhVHtc5xIaTgKYuGSMVUBTqz-HNpAnX2nIeAmZ0RUGvTVtHkwVPfZand8s95Rsg3htDsZ6xQbbXqDDjUozI2A2SHBGiOQDQTKm4ZVjeSjSBrErfkZQaU9FBG17YQXIi2H06d15CX2R8XO5xgvrMvmXbxgYoH4on7B-F59VS1gf3IsdUKbpiCtIIU8-WtdjeWo2O1Kqixxhm4WDzisLkUklHXjthuRUIAD-7pl1pO1BkQZra-zWuceeZl2Kx.SL4fypoMsRwOsbIsHEROaGhp8wNtVdoV001R9ua7BokuPmd7d0ReAYKCUwB02J-0pApiN0gQNLabEM7vn31fGJw4V4Kz1iriSCYokKIGaBiPrsox82w5byI7Bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
82d1a7029b008266e3a0c3f95daa6c22d02f014a0e866fd38e8bc18b3890b99b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
last-modified
Fri, 25 Nov 2022 21:01:25 GMT
age
63046
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
HIT
access-control-allow-origin
*
content-type
image/jpeg
x-amz-ir-id
889fb5df-3e0c-45ce-856f-273e252b431e
server-timing
provider;desc="fy"
accept-ranges
bytes
content-length
45978
x-served-by
cache-iad-kcgs7200062-IAD, cache-ewr18139-EWR
41oWxEt9w-L.js
m.media-amazon.com/images/I/ Frame 107C 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.media-amazon.com/images/I/41oWxEt9w-L.js
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/ax/creative?b=JFqUDIn18a-aDX5gCZNfFawAAAGFFkpXrgEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB&c=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrIb12DWbY4ikMYqZoPwPup-tgAKU6Z70XJWosJVkwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzMyNzY2MjQwODMwMzE1NsgBCeACAKgDAaoEsAJP0JmYLwApV9UMllBr1gSm-zmAdnGBk3C8OnkIjLNxj89qbh0sVuUTlmZcBC-zcD7nt61uSvBWikLVq61Mp3PcS8gzswa2FfQmZgiRzloPK9DI3c4367NF_-yqTd_BaqVhab3wBdFlfvoK7QU33A4s3f0WxzXtoi6IMkrvJ4ZvlsDO6U9uRb3RopVKi7kR1B8VRb1HwsKSjnKiBJs1KPnQ9oRR19HknktqqNrpJMnXbLP0nagFWJ8E4F0ULWOj80DU5HNNpY4mrz3p4KELj_ui0DY_9rb1TQPHVj2f-IAJVRROWsjgde0Y0zJybY5Xemo-4V1MqC6A6q5D9C2tJh00p4yr8k_y2zEbYKIS4rllWps9lpIM5a6g9JeSrOnCamVccaR_8o6kP_CnmALpK_GX4AQBgAaG3a-654KsgHOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qMt6Nnb4G9pMr5nhTXyZrBXSAPQ%26client%3Dca-pub-7327662408303156%26adurl%3D&w=Y5s12AAMUggJiAyKAAtPuio1zHxmw8Nk9Ktq2w&s=300x600&bcv=1&bc=cLHUQlZen.NLoIERIw5eV8kQdC.pj8s6R.tkhsH9VIOlaAY6I.aNpDI8Hu1tGgUCjFSKfA4tFqBxCvf8WW4MER1MQZ81Uo4MmXBz52LfJDG-wf9RO2zlNsCt6AsIC9vIDVNATtd0qFkm2t7J5cITLzIRVHeZllOVdPaPrkeatz.DuVwzXqAk3qMnrHMhLT0AWmqjy1z1Zsr5bz5GlDpV9bqmixuM85dqgNy-v4vcWaVfNRJ8URfXHBywVoCFOFQipelbz8b.aawhVHtc5xIaTgKYuGSMVUBTqz-HNpAnX2nIeAmZ0RUGvTVtHkwVPfZand8s95Rsg3htDsZ6xQbbXqDDjUozI2A2SHBGiOQDQTKm4ZVjeSjSBrErfkZQaU9FBG17YQXIi2H06d15CX2R8XO5xgvrMvmXbxgYoH4on7B-F59VS1gf3IsdUKbpiCtIIU8-WtdjeWo2O1Kqixxhm4WDzisLkUklHXjthuRUIAD-7pl1pO1BkQZra-zWuceeZl2Kx.SL4fypoMsRwOsbIsHEROaGhp8wNtVdoV001R9ua7BokuPmd7d0ReAYKCUwB02J-0pApiN0gQNLabEM7vn31fGJw4V4Kz1iriSCYokKIGaBiPrsox82w5byI7Bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
703019ff03c9dd0aee370e4a81f751ebdaf33ba01d8407b883a8fe209caba4c5

Request headers

Referer
https://aax-us-east.amazon-adsystem.com/
Origin
https://aax-us-east.amazon-adsystem.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
br
age
10447767
x-cache
HIT from fastly, HIT from fastly
x-nginx-cache-status
MISS
server-timing
provider;desc="fy"
content-length
6777
x-served-by
cache-iad-kjyo7100106-IAD, cache-ewr18146-EWR
last-modified
Mon, 08 Nov 2021 22:54:28 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
236e3f56-2c5f-4fc8-a75a-d3ebc216152b
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
expires
Thu, 27 Mar 2042 09:25:11 GMT
impb
aax-us-east.amazon-adsystem.com/e/ax/ Frame 107C 		43 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/e/ax/impb?b=JFqUDIn18a-aDX5gCZNfFawAAAGFFkpXrgEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB&c=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrIb12DWbY4ikMYqZoPwPup-tgAKU6Z70XJWosJVkwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzMyNzY2MjQwODMwMzE1NsgBCeACAKgDAaoEsAJP0JmYLwApV9UMllBr1gSm-zmAdnGBk3C8OnkIjLNxj89qbh0sVuUTlmZcBC-zcD7nt61uSvBWikLVq61Mp3PcS8gzswa2FfQmZgiRzloPK9DI3c4367NF_-yqTd_BaqVhab3wBdFlfvoK7QU33A4s3f0WxzXtoi6IMkrvJ4ZvlsDO6U9uRb3RopVKi7kR1B8VRb1HwsKSjnKiBJs1KPnQ9oRR19HknktqqNrpJMnXbLP0nagFWJ8E4F0ULWOj80DU5HNNpY4mrz3p4KELj_ui0DY_9rb1TQPHVj2f-IAJVRROWsjgde0Y0zJybY5Xemo-4V1MqC6A6q5D9C2tJh00p4yr8k_y2zEbYKIS4rllWps9lpIM5a6g9JeSrOnCamVccaR_8o6kP_CnmALpK_GX4AQBgAaG3a-654KsgHOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qMt6Nnb4G9pMr5nhTXyZrBXSAPQ%26client%3Dca-pub-7327662408303156%26adurl%3D&w=Y5s12AAMUggJiAyKAAtPuio1zHxmw8Nk9Ktq2w&s=300x600&bcv=1&bc=cLHUQlZen.NLoIERIw5eV8kQdC.pj8s6R.tkhsH9VIOlaAY6I.aNpDI8Hu1tGgUCjFSKfA4tFqBxCvf8WW4MER1MQZ81Uo4MmXBz52LfJDG-wf9RO2zlNsCt6AsIC9vIDVNATtd0qFkm2t7J5cITLzIRVHeZllOVdPaPrkeatz.DuVwzXqAk3qMnrHMhLT0AWmqjy1z1Zsr5bz5GlDpV9bqmixuM85dqgNy-v4vcWaVfNRJ8URfXHBywVoCFOFQipelbz8b.aawhVHtc5xIaTgKYuGSMVUBTqz-HNpAnX2nIeAmZ0RUGvTVtHkwVPfZand8s95Rsg3htDsZ6xQbbXqDDjUozI2A2SHBGiOQDQTKm4ZVjeSjSBrErfkZQaU9FBG17YQXIi2H06d15CX2R8XO5xgvrMvmXbxgYoH4on7B-F59VS1gf3IsdUKbpiCtIIU8-WtdjeWo2O1Kqixxhm4WDzisLkUklHXjthuRUIAD-7pl1pO1BkQZra-zWuceeZl2Kx.SL4fypoMsRwOsbIsHEROaGhp8wNtVdoV001R9ua7BokuPmd7d0ReAYKCUwB02J-0pApiN0gQNLabEM7vn31fGJw4V4Kz1iriSCYokKIGaBiPrsox82w5byI7Bg
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/ax/creative?b=JFqUDIn18a-aDX5gCZNfFawAAAGFFkpXrgEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB&c=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrIb12DWbY4ikMYqZoPwPup-tgAKU6Z70XJWosJVkwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzMyNzY2MjQwODMwMzE1NsgBCeACAKgDAaoEsAJP0JmYLwApV9UMllBr1gSm-zmAdnGBk3C8OnkIjLNxj89qbh0sVuUTlmZcBC-zcD7nt61uSvBWikLVq61Mp3PcS8gzswa2FfQmZgiRzloPK9DI3c4367NF_-yqTd_BaqVhab3wBdFlfvoK7QU33A4s3f0WxzXtoi6IMkrvJ4ZvlsDO6U9uRb3RopVKi7kR1B8VRb1HwsKSjnKiBJs1KPnQ9oRR19HknktqqNrpJMnXbLP0nagFWJ8E4F0ULWOj80DU5HNNpY4mrz3p4KELj_ui0DY_9rb1TQPHVj2f-IAJVRROWsjgde0Y0zJybY5Xemo-4V1MqC6A6q5D9C2tJh00p4yr8k_y2zEbYKIS4rllWps9lpIM5a6g9JeSrOnCamVccaR_8o6kP_CnmALpK_GX4AQBgAaG3a-654KsgHOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qMt6Nnb4G9pMr5nhTXyZrBXSAPQ%26client%3Dca-pub-7327662408303156%26adurl%3D&w=Y5s12AAMUggJiAyKAAtPuio1zHxmw8Nk9Ktq2w&s=300x600&bcv=1&bc=cLHUQlZen.NLoIERIw5eV8kQdC.pj8s6R.tkhsH9VIOlaAY6I.aNpDI8Hu1tGgUCjFSKfA4tFqBxCvf8WW4MER1MQZ81Uo4MmXBz52LfJDG-wf9RO2zlNsCt6AsIC9vIDVNATtd0qFkm2t7J5cITLzIRVHeZllOVdPaPrkeatz.DuVwzXqAk3qMnrHMhLT0AWmqjy1z1Zsr5bz5GlDpV9bqmixuM85dqgNy-v4vcWaVfNRJ8URfXHBywVoCFOFQipelbz8b.aawhVHtc5xIaTgKYuGSMVUBTqz-HNpAnX2nIeAmZ0RUGvTVtHkwVPfZand8s95Rsg3htDsZ6xQbbXqDDjUozI2A2SHBGiOQDQTKm4ZVjeSjSBrErfkZQaU9FBG17YQXIi2H06d15CX2R8XO5xgvrMvmXbxgYoH4on7B-F59VS1gf3IsdUKbpiCtIIU8-WtdjeWo2O1Kqixxhm4WDzisLkUklHXjthuRUIAD-7pl1pO1BkQZra-zWuceeZl2Kx.SL4fypoMsRwOsbIsHEROaGhp8wNtVdoV001R9ua7BokuPmd7d0ReAYKCUwB02J-0pApiN0gQNLabEM7vn31fGJw4V4Kz1iriSCYokKIGaBiPrsox82w5byI7Bg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/ax/creative?b=JFqUDIn18a-aDX5gCZNfFawAAAGFFkpXrgEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB&c=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrIb12DWbY4ikMYqZoPwPup-tgAKU6Z70XJWosJVkwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzMyNzY2MjQwODMwMzE1NsgBCeACAKgDAaoEsAJP0JmYLwApV9UMllBr1gSm-zmAdnGBk3C8OnkIjLNxj89qbh0sVuUTlmZcBC-zcD7nt61uSvBWikLVq61Mp3PcS8gzswa2FfQmZgiRzloPK9DI3c4367NF_-yqTd_BaqVhab3wBdFlfvoK7QU33A4s3f0WxzXtoi6IMkrvJ4ZvlsDO6U9uRb3RopVKi7kR1B8VRb1HwsKSjnKiBJs1KPnQ9oRR19HknktqqNrpJMnXbLP0nagFWJ8E4F0ULWOj80DU5HNNpY4mrz3p4KELj_ui0DY_9rb1TQPHVj2f-IAJVRROWsjgde0Y0zJybY5Xemo-4V1MqC6A6q5D9C2tJh00p4yr8k_y2zEbYKIS4rllWps9lpIM5a6g9JeSrOnCamVccaR_8o6kP_CnmALpK_GX4AQBgAaG3a-654KsgHOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qMt6Nnb4G9pMr5nhTXyZrBXSAPQ%26client%3Dca-pub-7327662408303156%26adurl%3D&w=Y5s12AAMUggJiAyKAAtPuio1zHxmw8Nk9Ktq2w&s=300x600&bcv=1&bc=cLHUQlZen.NLoIERIw5eV8kQdC.pj8s6R.tkhsH9VIOlaAY6I.aNpDI8Hu1tGgUCjFSKfA4tFqBxCvf8WW4MER1MQZ81Uo4MmXBz52LfJDG-wf9RO2zlNsCt6AsIC9vIDVNATtd0qFkm2t7J5cITLzIRVHeZllOVdPaPrkeatz.DuVwzXqAk3qMnrHMhLT0AWmqjy1z1Zsr5bz5GlDpV9bqmixuM85dqgNy-v4vcWaVfNRJ8URfXHBywVoCFOFQipelbz8b.aawhVHtc5xIaTgKYuGSMVUBTqz-HNpAnX2nIeAmZ0RUGvTVtHkwVPfZand8s95Rsg3htDsZ6xQbbXqDDjUozI2A2SHBGiOQDQTKm4ZVjeSjSBrErfkZQaU9FBG17YQXIi2H06d15CX2R8XO5xgvrMvmXbxgYoH4on7B-F59VS1gf3IsdUKbpiCtIIU8-WtdjeWo2O1Kqixxhm4WDzisLkUklHXjthuRUIAD-7pl1pO1BkQZra-zWuceeZl2Kx.SL4fypoMsRwOsbIsHEROaGhp8wNtVdoV001R9ua7BokuPmd7d0ReAYKCUwB02J-0pApiN0gQNLabEM7vn31fGJw4V4Kz1iriSCYokKIGaBiPrsox82w5byI7Bg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G2AZSHCVVYBH70NQY8YG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-store, max-age=0
Connection
keep-alive
Content-Length
43
csmv2.js
c.amazon-adsystem.com/ Frame 107C 		44 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/csmv2.js
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/ax/creative?b=JFqUDIn18a-aDX5gCZNfFawAAAGFFkpXrgEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB&c=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrIb12DWbY4ikMYqZoPwPup-tgAKU6Z70XJWosJVkwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzMyNzY2MjQwODMwMzE1NsgBCeACAKgDAaoEsAJP0JmYLwApV9UMllBr1gSm-zmAdnGBk3C8OnkIjLNxj89qbh0sVuUTlmZcBC-zcD7nt61uSvBWikLVq61Mp3PcS8gzswa2FfQmZgiRzloPK9DI3c4367NF_-yqTd_BaqVhab3wBdFlfvoK7QU33A4s3f0WxzXtoi6IMkrvJ4ZvlsDO6U9uRb3RopVKi7kR1B8VRb1HwsKSjnKiBJs1KPnQ9oRR19HknktqqNrpJMnXbLP0nagFWJ8E4F0ULWOj80DU5HNNpY4mrz3p4KELj_ui0DY_9rb1TQPHVj2f-IAJVRROWsjgde0Y0zJybY5Xemo-4V1MqC6A6q5D9C2tJh00p4yr8k_y2zEbYKIS4rllWps9lpIM5a6g9JeSrOnCamVccaR_8o6kP_CnmALpK_GX4AQBgAaG3a-654KsgHOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qMt6Nnb4G9pMr5nhTXyZrBXSAPQ%26client%3Dca-pub-7327662408303156%26adurl%3D&w=Y5s12AAMUggJiAyKAAtPuio1zHxmw8Nk9Ktq2w&s=300x600&bcv=1&bc=cLHUQlZen.NLoIERIw5eV8kQdC.pj8s6R.tkhsH9VIOlaAY6I.aNpDI8Hu1tGgUCjFSKfA4tFqBxCvf8WW4MER1MQZ81Uo4MmXBz52LfJDG-wf9RO2zlNsCt6AsIC9vIDVNATtd0qFkm2t7J5cITLzIRVHeZllOVdPaPrkeatz.DuVwzXqAk3qMnrHMhLT0AWmqjy1z1Zsr5bz5GlDpV9bqmixuM85dqgNy-v4vcWaVfNRJ8URfXHBywVoCFOFQipelbz8b.aawhVHtc5xIaTgKYuGSMVUBTqz-HNpAnX2nIeAmZ0RUGvTVtHkwVPfZand8s95Rsg3htDsZ6xQbbXqDDjUozI2A2SHBGiOQDQTKm4ZVjeSjSBrErfkZQaU9FBG17YQXIi2H06d15CX2R8XO5xgvrMvmXbxgYoH4on7B-F59VS1gf3IsdUKbpiCtIIU8-WtdjeWo2O1Kqixxhm4WDzisLkUklHXjthuRUIAD-7pl1pO1BkQZra-zWuceeZl2Kx.SL4fypoMsRwOsbIsHEROaGhp8wNtVdoV001R9ua7BokuPmd7d0ReAYKCUwB02J-0pApiN0gQNLabEM7vn31fGJw4V4Kz1iriSCYokKIGaBiPrsox82w5byI7Bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.168.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-168-23.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ba6e755468fab85c55eae54ac954178084ea241a28edbac2ebfb7f6357d594d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
eIQ_wH6XxiJdToFu_GuwfrDDa4I75rtd
date
Thu, 15 Dec 2022 07:55:29 GMT
via
1.1 7e4c775b563a7a47cbdf48a806a6bd2a.cloudfront.net (CloudFront)
last-modified
Mon, 19 Sep 2022 09:42:37 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1
age
25320
etag
"f5892c5f16088f889e0e9b06ef2228e7"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
44683
x-amz-cf-id
tfgbngM05PJJHKcA55VEdd7wmyt0nXZvAu6j7fTgTXO6q-ejwDYB4A==
sdk.video-build.1.0.js
cdn.concert.io/hymnal-ad-sdk/master/latest/ Frame 2F07 		1 MB
302 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Requested by
Host: hymnal-prod.vox-cdn.com
URL: https://hymnal-prod.vox-cdn.com/ads/netflix_1014284_1_branded_content_concert_branded_content_cpv_athena_netflix_bardo_branded_media_asset_immersion_dsk_350179673_90b493bf-ede3-4e64-89e9-78ce1b3c49d9/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5429f05f2bca1b5d0e1c6de4c7f753ea097150966ab9708702906b64b188c20a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
N0YME3VKXR1F8D0Q
age
511883
x-cache
HIT
x-amz-meta-surrogate-control
public, max-age=2592000, stale-if-error=86400, stale-while-revalidate=30
x-amz-meta-surrogate-key
hymnal-ad-sdk
content-length
309082
x-amz-id-2
FQQ/VUnzTQivqmVrJZfeD4JWEzLGUWxZtUnXU8XsoeyrgbKSaUFF11AYQGFWZHyElXYNe+SyUdA=
x-served-by
cache-ewr18123-EWR
last-modified
Wed, 07 Dec 2022 15:39:51 GMT
server
AmazonS3
x-timer
S1671116250.622091,VS0,VE0
etag
"5f244481c9c499be86464f1774f08fc7"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
4491
sdk.video-build.1.0.js
cdn.concert.io/hymnal-ad-sdk/master/latest/ Frame 5E80 		1 MB
302 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Requested by
Host: hymnal-prod.vox-cdn.com
URL: https://hymnal-prod.vox-cdn.com/ads/netflix_1014284_1_branded_content_concert_branded_content_cpv_athena_netflix_bardo_branded_media_asset_immersion_dsk_350179673_90b493bf-ede3-4e64-89e9-78ce1b3c49d9/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5429f05f2bca1b5d0e1c6de4c7f753ea097150966ab9708702906b64b188c20a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
N0YME3VKXR1F8D0Q
age
511883
x-cache
HIT
x-amz-meta-surrogate-control
public, max-age=2592000, stale-if-error=86400, stale-while-revalidate=30
x-amz-meta-surrogate-key
hymnal-ad-sdk
content-length
309082
x-amz-id-2
FQQ/VUnzTQivqmVrJZfeD4JWEzLGUWxZtUnXU8XsoeyrgbKSaUFF11AYQGFWZHyElXYNe+SyUdA=
x-served-by
cache-ewr18123-EWR
last-modified
Wed, 07 Dec 2022 15:39:51 GMT
server
AmazonS3
x-timer
S1671116250.622208,VS0,VE0
etag
"5f244481c9c499be86464f1774f08fc7"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60
accept-ranges
bytes
x-cache-hits
4492
/
adspsp.com/pt/1710310/12/2/ 		0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adspsp.com/pt/1710310/12/2/?a=2,a2lbp7gr3m6SoBOGHaeY,8k8CMrwg5x&aa=01CihRyu.gN&b=1:2,14,172,CNHI,15.2,620,366,U89f3a7d06105028,8,adb_leaderboard_mid,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience,%7B%22crid%22%3A%22138417154843%7C35745b72-b3fc-4271-b75b-f6cb8b4efcfc%22%2C%22ttl%22%3A360%2C%22cur%22%3A%22USD%22%2C%22nr%22%3Afalse%7D&b=1:2,3,172,CNHI,15.2,620,366,U91ae685475f98b8,8,adb_leaderboard_btf,%2F9869277%2Fcnhi%2Fthetimestribune%2Ftotalaudience,%7B%22crid%22%3A%22138417154843%7C2a1f8e46-245e-4a36-be2e-21cb1041a01f%22%2C%22ttl%22%3A360%2C%22cur%22%3A%22USD%22%2C%22nr%22%3Afalse%7D&e=&c=https%3A%2F%2Fwww.thetimestribune.com%2F&d=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&f=1.lbp7gq05.1Tsx.2T252&g=2T4mw&u=4d97623f:la8xlfqr:31f&v=18g.xc.0.7k2.1.0&m=z&rnd=1671116249629
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.190.9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-190-9.us-west-2.compute.amazonaws.com
Software
linux /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Server
linux
Connection
keep-alive
Content-Length
0
Content-Type
image/png
moatcore.js
z.moatads.com/voxcustomdfp152282307853/ Frame 2F07 		345 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/voxcustomdfp152282307853/moatcore.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/voxcustomdfp152282307853/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0f0ae5b9f8a1720824de45b30479e4c9da62f81dd5b00f6118782fda7262de24

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 17:37:58 GMT
server
AmazonS3
x-amz-request-id
X6QMVVPCJZDAH82Z
etag
"91b175bc54a36ef3a3e3aca20c7f4fd5"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=60288
accept-ranges
bytes
content-length
119414
x-amz-id-2
DGtp/95NzplpOo2Y9IkDurCiSMXBqqw2nWrKV0Sl22UV6lOrWs7KftHOlcO591JqvxOj3VkFiMQ=
tracking
bids.concert.io/analytics/ Frame 3E9B 		0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bids.concert.io/analytics/tracking?params=U2FsdGVkX1%2BzaZ8MdT6qjI3nEjbXV7n%2BXOlP2YzckXP1cHp3oEaLcjQY1n6mGPl%2FYPvjpNpne8hJCuMcBirxZKi9fDuynsfPQ7zSdQewDf6nk7VHhczh0INpoqkX0LCxgvsjFzlJsq%2FwbTu6xJaQnfyWfEWobAZrdRq8IUdfw%2FBNMLDaasQRNUTax0vh9yftY3hcVrJopvN4huUZYDrcBJTiBHxmjRRyf7MCnMGSLlMsS8ix8BmGiS9sNZWG5GMRKbaiLMjcAdO5nw8KNjI2lak0uDX9uGuL6zTPEMnLy1w2t8MmA8k%2FJMb2DQ1%2F4C8on9beJR3A7LOaee55nMHp8fmJ10Y%2FW5Bqo47hhoageYD33MLOjBIS1uwyKPxq31386liInGD2j9Uy3YLaQ41YHKvrXwMmcEckvMsSWIRNMp8XBuM4khBcg4UMVllvoXBTYC5njIKRoFQCxoVR%2FIw3Ow%3D%3D
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.126.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.126.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 15 Dec 2022 14:57:29 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-city
New York
x-cloud-trace-context
dfb758e0792ffab9190c53274066e425/9017756182879240612;o=1
x-lat-long
40.712775,-74.005973
x-powered-by
Express
x-region
US
x-region-subdivision
USNY
x-response-time
1.112ms
truncated
/ Frame 2F07 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9cbd47c7cbe5fd558dec943451bb26ca533ad2fb274fd07652b2f8b7a1f74de

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
moatcore.js
z.moatads.com/voxcustomdfp152282307853/ Frame 5E80 		345 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/voxcustomdfp152282307853/moatcore.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/voxcustomdfp152282307853/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0f0ae5b9f8a1720824de45b30479e4c9da62f81dd5b00f6118782fda7262de24

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 17:37:58 GMT
server
AmazonS3
x-amz-request-id
X6QMVVPCJZDAH82Z
etag
"91b175bc54a36ef3a3e3aca20c7f4fd5"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=60288
accept-ranges
bytes
content-length
119414
x-amz-id-2
DGtp/95NzplpOo2Y9IkDurCiSMXBqqw2nWrKV0Sl22UV6lOrWs7KftHOlcO591JqvxOj3VkFiMQ=
tracking
bids.concert.io/analytics/ Frame F66E 		0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://bids.concert.io/analytics/tracking?params=U2FsdGVkX1%2FBC9R%2FJROe0AYlomNG9LpgKITrSDexvBHCuhyLkcQLtiJBfCVckMCVUGnyOtzUr%2BflN%2FtnN62KOk4TxbXsvuilY9%2B0f%2FgPBCSuAMKkDxCWQTXWcCDcrzzKgc7Cl9JsOudLwKBqzdGrp0XyJCMOr%2FY4oT8i5dRkF9ZjGp3usNh%2Bzw220LqGSiBeoyR0k8YJvxAd3D6rQVTeQleHCN%2FoX%2FtbPhzn%2FKjfeKI70ShWkmVMeOumcV29pX%2FhaMKuUhTMzkqtd8tPI1uFEyS41n0NEWtnMLBScyn57UliuDoi2oxY56mdsWcuOTdqGUaiGXdDjMpKUct74%2FGgHtzK9Cz335xdo8FMelivY1lU%2Fs9lW0ZFcTbw6%2FIeOuElyEPYBHs8Hwor7koCtAgNBKxz7PoXKxyql0vBFIrj2oRySU7E2d56URD7S40o8fYmKuvEVbX0P1QNLqiEDwIKoA%3D%3D
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.126.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.126.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Thu, 15 Dec 2022 14:57:29 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-city
New York
x-cloud-trace-context
72cd50b25586b169bda039e86f6141be/12479968140260311328
x-lat-long
40.712775,-74.005973
x-powered-by
Express
x-region
US
x-region-subdivision
USNY
x-response-time
0.838ms
truncated
/ Frame 5E80 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcf5b4508f90e7eb82bc48119b7f5a534672e6fdc2c3e81f29880aba9fbebdaa

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 15F5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOLi8Kq2x6w5sTSSO4l1tiA&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOLi8Kq2x6w5sTSSO4l1tiA&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZFJzdnU3b04xUDVQRlQ1&google_gid=CAESEOLi8Kq2x6w5sTSSO4l1tiA&google_cver=1&google_push=AavPq0OGT3iwkJ0iiHhTTIMgxWxujObqjCKTHea8E2o16g-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZFJzdnU3b04xUDVQRlQ1&google_gid=CAESEOLi8Kq2x6w5sTSSO4l1tiA&google_cver=1&google_push=AavPq0OGT3iwkJ0iiHhTTIMgxWxujObqjCKTHea8E2o16g-nbsOLbQzaND6RNkj2JKUyFNCpTO2Rf5uDbGfyA7Z6Hohm7MnXw5rRE9i68me7jB-HKnpEeyccpY7Q6TQ7heDAGDhjDoFwYw
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-0d19dd84b9b4eb584@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZFJzdnU3b04xUDVQRlQ1&google_gid=CAESEOLi8Kq2x6w5sTSSO4l1tiA&google_cver=1&google_push=AavPq0OGT3iwkJ0iiHhTTIMgxWxujObqjCKTHea8E2o16g-nbsOLbQzaND6RNkj2JKUyFNCpTO2Rf5uDbGfyA7Z6Hohm7MnXw5rRE9i68me7jB-HKnpEeyccpY7Q6TQ7heDAGDhjDoFwYw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 15F5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECM2WzFJE6J9hH013IFxqBk&google_cver=1&google_push=AavPq0PoOab9ViQI4sO_dtyiRSI0AUCJHLhN1cQSbsZnIe52wRjM72_2T_KkJ8weWqupxo90dbsmu5lBhUcPT0DcOJQ5o5pZxrz9U...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECM2WzFJE6J9hH013IFxqBk&google_cver=1&google_push=AavPq0PoOab9ViQI4sO_dtyiRSI0AUCJHLhN1cQSbsZnIe52wRjM72_2T_KkJ8weWqupxo90dbsmu5lBhUcPT0DcOJQ5o5pZxrz...
43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECM2WzFJE6J9hH013IFxqBk&google_cver=1&google_push=AavPq0PoOab9ViQI4sO_dtyiRSI0AUCJHLhN1cQSbsZnIe52wRjM72_2T_KkJ8weWqupxo90dbsmu5lBhUcPT0DcOJQ5o5pZxrz9UDysUzPKshbF1Fsku1wjE5ME85nO8HH6nv6uCuru&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PoOab9ViQI4sO_dtyiRSI0AUCJHLhN1cQSbsZnIe52wRjM72_2T_KkJ8weWqupxo90dbsmu5lBhUcPT0DcOJQ5o5pZxrz9UDysUzPKshbF1Fsku1wjE5ME85nO8HH6nv6uCuru%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
77a00831dbd7c42c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
994
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECM2WzFJE6J9hH013IFxqBk&google_cver=1&google_push=AavPq0PoOab9ViQI4sO_dtyiRSI0AUCJHLhN1cQSbsZnIe52wRjM72_2T_KkJ8weWqupxo90dbsmu5lBhUcPT0DcOJQ5o5pZxrz9UDysUzPKshbF1Fsku1wjE5ME85nO8HH6nv6uCuru&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0PoOab9ViQI4sO_dtyiRSI0AUCJHLhN1cQSbsZnIe52wRjM72_2T_KkJ8weWqupxo90dbsmu5lBhUcPT0DcOJQ5o5pZxrz9UDysUzPKshbF1Fsku1wjE5ME85nO8HH6nv6uCuru%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
77a00830d9dbc42c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 15F5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHvhFPrNa6kwg8NvtLPoyeE&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHvhFPrNa6kwg8NvtLPoyeE&google_hm=Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB&google_nid=index&google_push=AavPq0NFvqDmZW1nItRoygA9-aibSoyumPR-_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHvhFPrNa6kwg8NvtLPoyeE&google_hm=Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB&google_nid=index&google_push=AavPq0NFvqDmZW1nItRoygA9-aibSoyumPR-_PGoA-2hy6R9rkgeSmYVp1edyssQur_co15fnuDvGPhYBFZztJHXKmQ2mG8mmVZtcVzida4wEQAMxswomfVf4oOJN0sB4_z_vwpd9KNGKA
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dPaQO8EbOX7sVGaYLsfRDmkpc7g5sZpr%2FYSZOeSNnI2e9X5XJMIkz9lAob8cmomHWESPpGppz9%2FfoRbkdcMq15uzfQQ7yLWvt3LRPNUPpFZSgqgY1yPipgtfgAxZKPqySgb%2Ff86ueF46g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHvhFPrNa6kwg8NvtLPoyeE&google_hm=Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB&google_nid=index&google_push=AavPq0NFvqDmZW1nItRoygA9-aibSoyumPR-_PGoA-2hy6R9rkgeSmYVp1edyssQur_co15fnuDvGPhYBFZztJHXKmQ2mG8mmVZtcVzida4wEQAMxswomfVf4oOJN0sB4_z_vwpd9KNGKA
cache-control
no-cache
cf-ray
77a00830a88a8c8d-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 15F5
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEHCrBIq0rkUYDRMic--pOrg&google_cver=1&google_push=AavPq0MUKYkvikWJwMTRlE0MpjU7aCymw7pOgZz0XQoN7PmVskPg5XPtinAwh-RxUPyQUV9DBxlU_oejCiSn2WYsK...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MUKYkvikWJwMTRlE0MpjU7aCymw7pOgZz0XQoN7PmVskPg5XPtinAwh-RxUPyQUV9DBxlU_oejCiSn2WYsKiEvh202gqM5nY--ZhXYWDAOOCdYNwZZ34xQPum8TLVub...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MUKYkvikWJwMTRlE0MpjU7aCymw7pOgZz0XQoN7PmVskPg5XPtinAwh-RxUPyQUV9DBxlU_oejCiSn2WYsKiEvh202gqM5nY--ZhXYWDAOOCdYNwZZ34xQPum8TLVubNMBXewUJg&google_hm=F0hhdPZHdKReb32SS-6T_Si-
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 15 Dec 2022 14:57:29 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0MUKYkvikWJwMTRlE0MpjU7aCymw7pOgZz0XQoN7PmVskPg5XPtinAwh-RxUPyQUV9DBxlU_oejCiSn2WYsKiEvh202gqM5nY--ZhXYWDAOOCdYNwZZ34xQPum8TLVubNMBXewUJg&google_hm=F0hhdPZHdKReb32SS-6T_Si-
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 15F5
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEI5fTjtpb6EUGn-DNM4-QxM&google_cver=1&google_push=AavPq0MieqduXZsgdAm8h_Pet-Q_ETUkn63hNkj6Zr81UK7XA5ammHA2AWZUonP8NuvDzxzyhWsYJbmeaRXM...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MieqduXZsgdAm8h_Pet-Q_ETUkn63hNkj6Zr81UK7XA5ammHA2AWZUonP8NuvDzxzyhWsYJbmeaRXMF9KNl2VIOl34lwJUx88zRMHRI_y3bFcZzlNl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MieqduXZsgdAm8h_Pet-Q_ETUkn63hNkj6Zr81UK7XA5ammHA2AWZUonP8NuvDzxzyhWsYJbmeaRXMF9KNl2VIOl34lwJUx88zRMHRI_y3bFcZzlNl5DGL7cDZzpBb6EUmQ8GjGQ
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0MieqduXZsgdAm8h_Pet-Q_ETUkn63hNkj6Zr81UK7XA5ammHA2AWZUonP8NuvDzxzyhWsYJbmeaRXMF9KNl2VIOl34lwJUx88zRMHRI_y3bFcZzlNl5DGL7cDZzpBb6EUmQ8GjGQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 15F5
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEB2um_zSTRaw_GqacBJ29K0&google_cver=1&google_push=AavPq0N9gSRjCswPB8HoYkHZ_4EbzP9BKizIWxg-Cm8zujpQPKkoKNTCHtUGMZY2MihKRLQnPwQrpNVyUlUW_cDGLg7wezY0f...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE0MTE3ODQ4MDgxNTg2OTAwMFYxMA%3d%3d&mn_hm=MzE0MTE3ODQ4MDgxNTg2OTAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0N9gSRjCswPB8HoYkHZ_4EbzP9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE0MTE3ODQ4MDgxNTg2OTAwMFYxMA%3d%3d&mn_hm=MzE0MTE3ODQ4MDgxNTg2OTAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0N9gSRjCswPB8HoYkHZ_4EbzP9BKizIWxg-Cm8zujpQPKkoKNTCHtUGMZY2MihKRLQnPwQrpNVyUlUW_cDGLg7wezY0feErh8jhnhqiasTov2Npl5ErWCguvBhwXR-GD1tS_yw86g&gdpr=&gdpr_consent=
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:29 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzE0MTE3ODQ4MDgxNTg2OTAwMFYxMA%3d%3d&mn_hm=MzE0MTE3ODQ4MDgxNTg2OTAwMFYxMA%3d%3d&google_sc=1&google_push=AavPq0N9gSRjCswPB8HoYkHZ_4EbzP9BKizIWxg-Cm8zujpQPKkoKNTCHtUGMZY2MihKRLQnPwQrpNVyUlUW_cDGLg7wezY0feErh8jhnhqiasTov2Npl5ErWCguvBhwXR-GD1tS_yw86g&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Thu, 15 Dec 2022 14:57:29 GMT
pixel
cm.g.doubleclick.net/ Frame 15F5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENVmAM6IOU53UUXkzyEtcJI&google_cver=1&google_push=AavPq0Net9PqafKQbBISOWmhfOq2x2ZlE1LUAxpr1YLD1wSuTOzUh75slnSzYNwk_Pny5LG6kJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS10RjluVDg5RTJ1RzJscmNCdEZURVFmMGp6U2QxTDIwWH5B&google_push=AavPq0Net9PqafKQbBISOWmhfOq2x2ZlE1LUAxpr1YLD1wSuTOzUh75sl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS10RjluVDg5RTJ1RzJscmNCdEZURVFmMGp6U2QxTDIwWH5B&google_push=AavPq0Net9PqafKQbBISOWmhfOq2x2ZlE1LUAxpr1YLD1wSuTOzUh75slnSzYNwk_Pny5LG6kJN6F8XSLrNtOXfLcHulzVLG9ufOX8DHGbTtBcQk2_aVgb45_4unfB2edj0nvV2Z2EbbSQ
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS10RjluVDg5RTJ1RzJscmNCdEZURVFmMGp6U2QxTDIwWH5B&google_push=AavPq0Net9PqafKQbBISOWmhfOq2x2ZlE1LUAxpr1YLD1wSuTOzUh75slnSzYNwk_Pny5LG6kJN6F8XSLrNtOXfLcHulzVLG9ufOX8DHGbTtBcQk2_aVgb45_4unfB2edj0nvV2Z2EbbSQ
date
Thu, 15 Dec 2022 14:57:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 15F5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEA1WoLtZl5hk1FoO99r5rJ8qOv3bjzTAc2WKL65TtdcS1X37q-yuZlOqQg9IRRgSfe7osJQ
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ac-topright-sprite.png
images-na.ssl-images-amazon.com/images/G/01/da/adchoices/ Frame 107C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-na.ssl-images-amazon.com/images/G/01/da/adchoices/ac-topright-sprite.png
Requested by
Host: aax-us-east.amazon-adsystem.com
URL: https://aax-us-east.amazon-adsystem.com/e/ax/creative?b=JFqUDIn18a-aDX5gCZNfFawAAAGFFkpXrgEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB&c=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrIb12DWbY4ikMYqZoPwPup-tgAKU6Z70XJWosJVkwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzMyNzY2MjQwODMwMzE1NsgBCeACAKgDAaoEsAJP0JmYLwApV9UMllBr1gSm-zmAdnGBk3C8OnkIjLNxj89qbh0sVuUTlmZcBC-zcD7nt61uSvBWikLVq61Mp3PcS8gzswa2FfQmZgiRzloPK9DI3c4367NF_-yqTd_BaqVhab3wBdFlfvoK7QU33A4s3f0WxzXtoi6IMkrvJ4ZvlsDO6U9uRb3RopVKi7kR1B8VRb1HwsKSjnKiBJs1KPnQ9oRR19HknktqqNrpJMnXbLP0nagFWJ8E4F0ULWOj80DU5HNNpY4mrz3p4KELj_ui0DY_9rb1TQPHVj2f-IAJVRROWsjgde0Y0zJybY5Xemo-4V1MqC6A6q5D9C2tJh00p4yr8k_y2zEbYKIS4rllWps9lpIM5a6g9JeSrOnCamVccaR_8o6kP_CnmALpK_GX4AQBgAaG3a-654KsgHOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qMt6Nnb4G9pMr5nhTXyZrBXSAPQ%26client%3Dca-pub-7327662408303156%26adurl%3D&w=Y5s12AAMUggJiAyKAAtPuio1zHxmw8Nk9Ktq2w&s=300x600&bcv=1&bc=cLHUQlZen.NLoIERIw5eV8kQdC.pj8s6R.tkhsH9VIOlaAY6I.aNpDI8Hu1tGgUCjFSKfA4tFqBxCvf8WW4MER1MQZ81Uo4MmXBz52LfJDG-wf9RO2zlNsCt6AsIC9vIDVNATtd0qFkm2t7J5cITLzIRVHeZllOVdPaPrkeatz.DuVwzXqAk3qMnrHMhLT0AWmqjy1z1Zsr5bz5GlDpV9bqmixuM85dqgNy-v4vcWaVfNRJ8URfXHBywVoCFOFQipelbz8b.aawhVHtc5xIaTgKYuGSMVUBTqz-HNpAnX2nIeAmZ0RUGvTVtHkwVPfZand8s95Rsg3htDsZ6xQbbXqDDjUozI2A2SHBGiOQDQTKm4ZVjeSjSBrErfkZQaU9FBG17YQXIi2H06d15CX2R8XO5xgvrMvmXbxgYoH4on7B-F59VS1gf3IsdUKbpiCtIIU8-WtdjeWo2O1Kqixxhm4WDzisLkUklHXjthuRUIAD-7pl1pO1BkQZra-zWuceeZl2Kx.SL4fypoMsRwOsbIsHEROaGhp8wNtVdoV001R9ua7BokuPmd7d0ReAYKCUwB02J-0pApiN0gQNLabEM7vn31fGJw4V4Kz1iriSCYokKIGaBiPrsox82w5byI7Bg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::272 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ef41212a278b695b42d60b2ab9423983c102297349d13439c5e13abeb3c2aa01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Fri, 18 Mar 2022 06:36:29 GMT
date
Thu, 15 Dec 2022 14:57:29 GMT
last-modified
Fri, 16 Nov 2012 23:02:38 GMT
age
40093
x-cache
HIT from fastly, HIT from fastly
content-type
image/png
access-control-allow-origin
*
x-nginx-cache-status
HIT
cache-control
max-age=86400,public
x-amz-ir-id
82e8905d-8a60-4650-8e0f-9e09a377f832
server-timing
provider;desc="fy"
accept-ranges
bytes
timing-allow-origin
https://www.amazon.com
content-length
1711
x-served-by
cache-iad-kcgs7200159-IAD, cache-ewr18150-EWR
truncated
/ Frame 107C 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 97EA 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df268b78ee36469f79dd175a880835560b3b8812262e2611a12cf6cf676e4cbd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7rkJAhPCWXbw9Lq5dZxc6TvN%26source_user_id%3D%24UID&partner=sharethrough
  • https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=[UID]&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS03Y...
  • https://ssp.disqus.com/match?bidder=18&buyeruid=aa71b1b2-e906-461c-ba18-9e6b0f8e4978&r=Cid1YS03YmUyMzhmNy0xMWQ3LTMwZDctYjY2MS02NTdiMGU2MmY5YjMQ____________ASqAAWh0dHBzOi8vbWF0Y2guc2hhcmV0aHJvdWdoLm...
  • https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-7be238f7-11d7-30d7-b661-657b0e62f9b3
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-7be238f7-11d7-30d7-b661-657b0e62f9b3
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Server
34.225.32.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-32-205.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:33 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=7rkJAhPCWXbw9Lq5dZxc6TvN&source_user_id=ua-7be238f7-11d7-30d7-b661-657b0e62f9b3
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
VXC_NetflixBardo-Athena_DesktopImmersion_copy.jpg
hymnal-prod.vox-cdn.com/uploads/asset/file/152504/ Frame 2F07 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hymnal-prod.vox-cdn.com/uploads/asset/file/152504/VXC_NetflixBardo-Athena_DesktopImmersion_copy.jpg
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ae21ba8afe6488abcb750d2d03d74e42ca6a23ab656aa1c14eff557225ab3f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
via
1.1 varnish
x-amz-request-id
874BA4PCF6EA6BR4
age
165404
x-cache
HIT
content-length
40894
x-amz-id-2
MijgcoEaEeprfm7dHDmJmZEjku9vCbaYKOTGS3UNqcRyUxuwhxQKHfF1pRn/jPSOyX6oz9G5QP4=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 16:02:25 GMT
server
AmazonS3
x-timer
S1671116250.021410,VS0,VE0
etag
"2d29751bd3deb9dabd2c9f2ea77ca6b3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000
accept-ranges
bytes
x-cache-hits
44
Video_Thumbnail_560x3151.jpg
hymnal-prod.vox-cdn.com/uploads/asset/file/152506/ Frame 2F07 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hymnal-prod.vox-cdn.com/uploads/asset/file/152506/Video_Thumbnail_560x3151.jpg
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45d8aeb983ccf7d5a10d2564dca995cac927794124d84980eb2f4ec88adaf154

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
via
1.1 varnish
x-amz-request-id
874D2HEZ67M4BBTH
age
165404
x-cache
HIT
content-length
83663
x-amz-id-2
k2axrN2HCKjqi0qBQpjf0uXys8hwrqIm1HcV/M3nwOTZ0oVDu4Dghonv/JBD5NhClCvO8ti85PU=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 16:02:25 GMT
server
AmazonS3
x-timer
S1671116250.021515,VS0,VE0
etag
"58469aeb8071fe33e92185e037277e69"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000
accept-ranges
bytes
x-cache-hits
327
truncated
/ Frame 2F07 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d80a783d7f0b7430b54575ce10d3cb538b602a9a08b4a9dc50b840cf251ec75c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.js
www.google-analytics.com/ Frame 2F07 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 14:44:14 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
796
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 15 Dec 2022 16:44:14 GMT
B28862399.350179673;dc_pre=CL6V25Px-_sCFQINiAkd2pICJg;dc_trk_aid=544162767;dc_trk_cid=180856564;ord=93818784543;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
ad.doubleclick.net/ddm/trackimp/N186801.147391VOX/ Frame 2F07
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N186801.147391VOX/B28862399.350179673;dc_trk_aid=544162767;dc_trk_cid=180856564;ord=93818784543;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
  • https://ad.doubleclick.net/ddm/trackimp/N186801.147391VOX/B28862399.350179673;dc_pre=CL6V25Px-_sCFQINiAkd2pICJg;dc_trk_aid=544162767;dc_trk_cid=180856564;ord=93818784543;dc_lat=;dc_rdid=;tag_for_ch...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N186801.147391VOX/B28862399.350179673;dc_pre=CL6V25Px-_sCFQINiAkd2pICJg;dc_trk_aid=544162767;dc_trk_cid=180856564;ord=93818784543;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H3
Server
142.251.35.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N186801.147391VOX/B28862399.350179673;dc_pre=CL6V25Px-_sCFQINiAkd2pICJg;dc_trk_aid=544162767;dc_trk_cid=180856564;ord=93818784543;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 1B4F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 15 Dec 2022 14:57:30 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
moatvideo.js
z.moatads.com/voxvidint960547728228/ Frame 2F07 		347 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/voxvidint960547728228/moatvideo.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
156f8a4a4e02f9d9ec4a553c420e33a0d0c8565524e25c56cb66c3f353c1b5a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 17:38:55 GMT
server
AmazonS3
x-amz-request-id
B45E31T73W4E6DKJ
etag
"5ff01ffaf4b2147147d0a1641b86f1de"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=61906
accept-ranges
bytes
content-length
118199
x-amz-id-2
scBh4XVSiOQrATz0kM/S8LXm/5c4NxdLVrGkfNU2xtRHSOIl5bJ6V4hlrl+du63mbWtbZPuzy+Q=
n.js
geo.moatads.com/ 		84 B
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=2170206829&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eWpqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-3w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=VOXCUSTOMDFP1&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=13&cm=15&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms&t=1671116250170&de=266417140989&m=0&ar=67fa5e2a4e8-clean&iw=4301c99&q=2&cb=0&ym=0&cu=1671116250170&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=24002944%3A3104622392%3A6148324234%3A138417154843&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&zMoatST=CNHI&zMoatPOS=adb_leaderboard_mid&zMoatCURL=thetimestribune.com&zMoatDev=Desktop&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatOrigSlicer1=175131904&zMoatOrigSlicer2=22034734345&zMoatProduct=athena-immersion-standard&zMoatCBSAdSlot=adb_leaderboard_mid&zMoatCBSSite=CNHI&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.thetimestribune.com%2F&id=1&ii=4&bo=175131904&bd=22034734345&dfp=0%2C1&la=22034734345&gw=voxcustomdfp152282307853&fd=1&it=500&ti=0&ih=2&pe=1%3A952%3A952%3A0%3A2773&tz=adb_leaderboard_mid&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=201243&na=2146864191&cs=0&ord=1671116250170&jv=255756306&callback=DOMlessLLDcallback_66353121
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/voxcustomdfp152282307853/moatcore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.222.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-222-172.compute-1.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
9e4cde697e3ba7d10291c9a725c83d760576cbfb30aaf21d6f8aa008f1befdde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"0f39bc44ae8be590a4622cf8591163e385a554bd"
content-length
84
content-type
text/html; charset=UTF-8
n.js
geo.moatads.com/ 		85 B
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=2170206829&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eWpqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-3w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=VOXCUSTOMDFP1&hp=1&wf=1&ra=1&pxm=8&sgs=3&vb=13&cm=15&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms&t=1671116250170&de=266417140989&m=0&ar=67fa5e2a4e8-clean&iw=4301c99&q=3&cb=0&ym=0&cu=1671116250170&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=24002944%3A3104622392%3A6148324234%3A138417154843&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&zMoatST=CNHI&zMoatPOS=adb_leaderboard_mid&zMoatCURL=thetimestribune.com&zMoatDev=Desktop&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatOrigSlicer1=175131904&zMoatOrigSlicer2=22034734345&zMoatProduct=athena-immersion-standard&zMoatCBSAdSlot=adb_leaderboard_mid&zMoatCBSSite=CNHI&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.thetimestribune.com%2F&id=1&ii=4&bo=175131904&bd=22034734345&dfp=0%2C1&la=22034734345&gw=voxcustomdfp152282307853&fd=1&it=500&ti=0&ih=2&pe=1%3A952%3A952%3A0%3A2773&tz=adb_leaderboard_mid&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=201243&na=495624770&cs=0&callback=MoatDataJsonpRequest_66353121
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/voxcustomdfp152282307853/moatcore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.222.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-222-172.compute-1.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
4d2c2fe9af1897d7f9dc7da8bdae0940e0485b29c8d445aa34a6f691b732c0ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"7ea543cf115585b498b57b941d4df8d8c6b01a6f"
content-length
85
content-type
text/html; charset=UTF-8
VXC_NetflixBardo-Athena_DesktopImmersion_copy.jpg
hymnal-prod.vox-cdn.com/uploads/asset/file/152504/ Frame 5E80 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hymnal-prod.vox-cdn.com/uploads/asset/file/152504/VXC_NetflixBardo-Athena_DesktopImmersion_copy.jpg
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ae21ba8afe6488abcb750d2d03d74e42ca6a23ab656aa1c14eff557225ab3f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
via
1.1 varnish
x-amz-request-id
874BA4PCF6EA6BR4
age
165404
x-cache
HIT
content-length
40894
x-amz-id-2
MijgcoEaEeprfm7dHDmJmZEjku9vCbaYKOTGS3UNqcRyUxuwhxQKHfF1pRn/jPSOyX6oz9G5QP4=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 16:02:25 GMT
server
AmazonS3
x-timer
S1671116250.460891,VS0,VE0
etag
"2d29751bd3deb9dabd2c9f2ea77ca6b3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000
accept-ranges
bytes
x-cache-hits
45
Video_Thumbnail_560x3151.jpg
hymnal-prod.vox-cdn.com/uploads/asset/file/152506/ Frame 5E80 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hymnal-prod.vox-cdn.com/uploads/asset/file/152506/Video_Thumbnail_560x3151.jpg
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45d8aeb983ccf7d5a10d2564dca995cac927794124d84980eb2f4ec88adaf154

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
via
1.1 varnish
x-amz-request-id
874D2HEZ67M4BBTH
age
165405
x-cache
HIT
content-length
83663
x-amz-id-2
k2axrN2HCKjqi0qBQpjf0uXys8hwrqIm1HcV/M3nwOTZ0oVDu4Dghonv/JBD5NhClCvO8ti85PU=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 16:02:25 GMT
server
AmazonS3
x-timer
S1671116250.461029,VS0,VE0
etag
"58469aeb8071fe33e92185e037277e69"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315576000
accept-ranges
bytes
x-cache-hits
328
truncated
/ Frame 5E80 		669 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d80a783d7f0b7430b54575ce10d3cb538b602a9a08b4a9dc50b840cf251ec75c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.js
www.google-analytics.com/ Frame 5E80 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Dec 2022 14:44:14 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
796
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 15 Dec 2022 16:44:14 GMT
B28862399.350179673;dc_pre=CIOp9JPx-_sCFWMCaAgdvGMOuw;dc_trk_aid=544162767;dc_trk_cid=180856564;ord=66363797483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
ad.doubleclick.net/ddm/trackimp/N186801.147391VOX/ Frame 5E80
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N186801.147391VOX/B28862399.350179673;dc_trk_aid=544162767;dc_trk_cid=180856564;ord=66363797483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
  • https://ad.doubleclick.net/ddm/trackimp/N186801.147391VOX/B28862399.350179673;dc_pre=CIOp9JPx-_sCFWMCaAgdvGMOuw;dc_trk_aid=544162767;dc_trk_cid=180856564;ord=66363797483;dc_lat=;dc_rdid=;tag_for_ch...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N186801.147391VOX/B28862399.350179673;dc_pre=CIOp9JPx-_sCFWMCaAgdvGMOuw;dc_trk_aid=544162767;dc_trk_cid=180856564;ord=66363797483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H3
Server
142.251.35.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:30 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N186801.147391VOX/B28862399.350179673;dc_pre=CIOp9JPx-_sCFWMCaAgdvGMOuw;dc_trk_aid=544162767;dc_trk_cid=180856564;ord=66363797483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ii.js
mb.moatads.com/ 		176 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/ii.js?lineItemId=6148324234&callback=lineItemInfo6148324234Callback_8462921
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/voxcustomdfp152282307853/moatcore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.222.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-222-172.compute-1.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
eb5036284f78857aa2ef1791f9cc736b071928a8c0d6c011f33f2bbfd4a47ee6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"4b2dac9f60e20532ddff0810e3d5322ae6c3e1b6"
content-length
176
content-type
text/html; charset=UTF-8
v2
mb.moatads.com/s/ 		121 B
294 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.thetimestribune.com%2F&pcode=voxcustomdfp152282307853&ord=1671116250463&jv=1997755760&callback=BrandSafetyNadoscallback_8462921
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/voxcustomdfp152282307853/moatcore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.222.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-222-172.compute-1.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
847aa713d95891bc3303368bf4649be8699d5f7a4d72a70aeb4ebc43a51b568f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"8d1a4c8660fad31dab9026c1099f25f3ff619c97"
content-length
121
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 1B4F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f13aaab9b9256f8a6d165a3859caa215521202acd72145c90b16035e26de969e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Dec 2022 06:25:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=55665
Connection
keep-alive
Content-Length
10066
Expires
Fri, 16 Dec 2022 06:25:15 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2694 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
70457
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 15 Dec 2022 14:57:30 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
10, 152537
X-Served-By
cache-lga13626-LGA, cache-ewr18156-EWR
X-Timer
S1671116251.606310,VS0,VE0
moatvideo.js
z.moatads.com/voxvidint960547728228/ Frame 5E80 		347 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/voxvidint960547728228/moatvideo.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
156f8a4a4e02f9d9ec4a553c420e33a0d0c8565524e25c56cb66c3f353c1b5a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 17:38:55 GMT
server
AmazonS3
x-amz-request-id
B45E31T73W4E6DKJ
etag
"5ff01ffaf4b2147147d0a1641b86f1de"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=61906
accept-ranges
bytes
content-length
118199
x-amz-id-2
scBh4XVSiOQrATz0kM/S8LXm/5c4NxdLVrGkfNU2xtRHSOIl5bJ6V4hlrl+du63mbWtbZPuzy+Q=
playlist.m3u8
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/ Frame 2F07 		501 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/playlist.m3u8
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71ded45231c6729854590fc18eb1326a187887bfaf5e729e50f7f19878b4a039

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
95KV7EZZNE20PJS4
age
3449
x-cache
HIT
x-amz-meta-surrogate-key
production/74fa72dd32283096b2cfab11b25e5cce/598968
content-length
306
x-amz-id-2
xTI6uo0yZdLy49mmyLNRKIEDD3gg8TZdQWRvVw6D8p4C4/Lyrft+5S0qKWwGrjDHVT9gI4p5rb0=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:18 GMT
server
AmazonS3
x-timer
S1671116251.735795,VS0,VE0
etag
"97c2c9a1b1842c26070fb688ad513c8d"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
908
async_usersync.html
acdn.adnxs.com/dmp/ Frame F713 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
70457
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 15 Dec 2022 14:57:30 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
10, 152538
X-Served-By
cache-lga13626-LGA, cache-ewr18156-EWR
X-Timer
S1671116251.780890,VS0,VE0
%7B%22atf%22:false,%22f%22:0,%22vs%22:%22visible%22,%22ah%22:600,%22aw%22:300,%22ts%22:1671116250789,%22bn%22:false,%22pixelId%22:%228zqgr8y5dzq%22,%22ver%22:%22r-1.30-v2%22%7D
aax-us-east.amazon-adsystem.com/x/px/RFqUDIn18a-aDX5gCZNfFawAAAGFFkpZwwEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB/atf/ Frame 107C 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/RFqUDIn18a-aDX5gCZNfFawAAAGFFkpZwwEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB/atf/%7B%22atf%22:false,%22f%22:0,%22vs%22:%22visible%22,%22ah%22:600,%22aw%22:300,%22ts%22:1671116250789,%22bn%22:false,%22pixelId%22:%228zqgr8y5dzq%22,%22ver%22:%22r-1.30-v2%22%7D?cb=8201797
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/ax/creative?b=JFqUDIn18a-aDX5gCZNfFawAAAGFFkpXrgEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB&c=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrIb12DWbY4ikMYqZoPwPup-tgAKU6Z70XJWosJVkwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzMyNzY2MjQwODMwMzE1NsgBCeACAKgDAaoEsAJP0JmYLwApV9UMllBr1gSm-zmAdnGBk3C8OnkIjLNxj89qbh0sVuUTlmZcBC-zcD7nt61uSvBWikLVq61Mp3PcS8gzswa2FfQmZgiRzloPK9DI3c4367NF_-yqTd_BaqVhab3wBdFlfvoK7QU33A4s3f0WxzXtoi6IMkrvJ4ZvlsDO6U9uRb3RopVKi7kR1B8VRb1HwsKSjnKiBJs1KPnQ9oRR19HknktqqNrpJMnXbLP0nagFWJ8E4F0ULWOj80DU5HNNpY4mrz3p4KELj_ui0DY_9rb1TQPHVj2f-IAJVRROWsjgde0Y0zJybY5Xemo-4V1MqC6A6q5D9C2tJh00p4yr8k_y2zEbYKIS4rllWps9lpIM5a6g9JeSrOnCamVccaR_8o6kP_CnmALpK_GX4AQBgAaG3a-654KsgHOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qMt6Nnb4G9pMr5nhTXyZrBXSAPQ%26client%3Dca-pub-7327662408303156%26adurl%3D&w=Y5s12AAMUggJiAyKAAtPuio1zHxmw8Nk9Ktq2w&s=300x600&bcv=1&bc=cLHUQlZen.NLoIERIw5eV8kQdC.pj8s6R.tkhsH9VIOlaAY6I.aNpDI8Hu1tGgUCjFSKfA4tFqBxCvf8WW4MER1MQZ81Uo4MmXBz52LfJDG-wf9RO2zlNsCt6AsIC9vIDVNATtd0qFkm2t7J5cITLzIRVHeZllOVdPaPrkeatz.DuVwzXqAk3qMnrHMhLT0AWmqjy1z1Zsr5bz5GlDpV9bqmixuM85dqgNy-v4vcWaVfNRJ8URfXHBywVoCFOFQipelbz8b.aawhVHtc5xIaTgKYuGSMVUBTqz-HNpAnX2nIeAmZ0RUGvTVtHkwVPfZand8s95Rsg3htDsZ6xQbbXqDDjUozI2A2SHBGiOQDQTKm4ZVjeSjSBrErfkZQaU9FBG17YQXIi2H06d15CX2R8XO5xgvrMvmXbxgYoH4on7B-F59VS1gf3IsdUKbpiCtIIU8-WtdjeWo2O1Kqixxhm4WDzisLkUklHXjthuRUIAD-7pl1pO1BkQZra-zWuceeZl2Kx.SL4fypoMsRwOsbIsHEROaGhp8wNtVdoV001R9ua7BokuPmd7d0ReAYKCUwB02J-0pApiN0gQNLabEM7vn31fGJw4V4Kz1iriSCYokKIGaBiPrsox82w5byI7Bg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WWC9TT69M597DB9N9VZ5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
4de6bb2f-54b4-43d9-a208-c20650280d70
https://www.thetimestribune.com/ Frame 2F07 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thetimestribune.com/4de6bb2f-54b4-43d9-a208-c20650280d70
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
959c4a6e8dfad550cd19782dba1b1da6b53dd77c09d49596fd677df79530f1a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
6023
Content-Type
application/javascript
439d5e74-65de-4cf6-af8e-cca9df073adc
https://www.thetimestribune.com/ Frame 2F07 		79 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thetimestribune.com/439d5e74-65de-4cf6-af8e-cca9df073adc
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ec692c8a9db4c997eae04f7c26ff89dbc361942f87ca62cff545788d41b305c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
80503
Content-Type
application/javascript
47ae65af-2bbf-4052-a414-9dd4b957bee2
https://www.thetimestribune.com/ Frame 2F07 		79 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thetimestribune.com/47ae65af-2bbf-4052-a414-9dd4b957bee2
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ec692c8a9db4c997eae04f7c26ff89dbc361942f87ca62cff545788d41b305c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
80503
Content-Type
application/javascript
video-764k.m3u8
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/ Frame 2F07 		317 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/video-764k.m3u8
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
030ad3d019a5a4d704109e6430463eda9456b33dfdd3a5d923d9637ae0a114d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
5CXTWCG848N6MXR4
age
3449
x-cache
HIT
x-amz-meta-surrogate-key
production/74fa72dd32283096b2cfab11b25e5cce/598968
content-length
174
x-amz-id-2
pYQrg8I43Cllv2g1o3WEHNa1SPV1ATYl5O4wcpZLPCwL18pwALJRvq7+LYnJKF7WUsdUkrT74eg=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:13 GMT
server
AmazonS3
x-timer
S1671116251.896564,VS0,VE0
etag
"a7755da6ed1c49874cd64cf411614a8b"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
602
async_usersync
ib.adnxs.com/ Frame 2694 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:30 GMT
AN-X-Request-Uuid
a32e2118-4ed0-4e39-8a5f-dee440e822a0
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
playlist.m3u8
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/ Frame 5E80 		501 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/playlist.m3u8
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71ded45231c6729854590fc18eb1326a187887bfaf5e729e50f7f19878b4a039

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
95KV7EZZNE20PJS4
age
3450
x-cache
HIT
x-amz-meta-surrogate-key
production/74fa72dd32283096b2cfab11b25e5cce/598968
content-length
306
x-amz-id-2
xTI6uo0yZdLy49mmyLNRKIEDD3gg8TZdQWRvVw6D8p4C4/Lyrft+5S0qKWwGrjDHVT9gI4p5rb0=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:18 GMT
server
AmazonS3
x-timer
S1671116251.916285,VS0,VE0
etag
"97c2c9a1b1842c26070fb688ad513c8d"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
910
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sharethrough&user_id=f51ddf47-697c-463c-9d5f-54653736d15a&gdpr=0&gdpr_consent=&gdpr_pd=1&usprivacy=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=sharethrough
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=969470210586592007&expires=30&ssp=sharethrough
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Server
34.225.32.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-32-205.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Date
Thu, 15 Dec 2022 14:57:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=VOXVIDINT1&hp=1&wf=1&ra=2&pxm=8&vz=-&zp=0&sgs=2&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms&t=1671116250956&de=706780601160&m=0&ar=67fa5e2a4e8-clean&iw=e05e03a&q=12&cb=0&ym=0&cu=1671116250956&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=Netflix%3A1026616_Netflix%20-%20Bardo%3A6148324234%3A138417154843&zMoatProduct=athena-immersion-standard&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&zGSRC=1&gu=https%3A%2F%2Fwww.thetimestribune.com%2F&id=1&ii=4&bo=thetimestribune.com&bd=thetimestribune.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=90b493bf-ede3-4e64-89e9-78ce1b3c49d9&gw=voxvidint960547728228&fd=1&it=500&ti=0&ih=2&pe=1%3A952%3A952%3A0%3A2773&jk=-1&jm=-1&fs=201243&na=1285259267&cs=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
audio_64k.m3u8
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/ Frame 2F07 		309 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/audio_64k.m3u8
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2e8e12c2a37c4ce2594ba4e4779ca7d26f5e053d14525ac2e31adeaa977dc39

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
TF772SD9TS6RX6R7
age
3450
x-cache
HIT
content-length
172
x-amz-id-2
aHV2hIeS4j2NitSPES1uz71/hmAryPXJM4qKDOeMbYCq4IFrr1IksQ2zQ0WF+ZIWUfNOqIFV1Hw=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:09 GMT
server
AmazonS3
x-timer
S1671116251.994498,VS0,VE0
etag
"bb8cda884d4289424be6371f7f315d42"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
922
view
securepubads.g.doubleclick.net/pcs/ Frame 2F07 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZAoiorq7ytYPheUtSt_6ZSFvxiuetTmLGEhH9z74pR32BPzSep9dLR48OQls3KqIxFHCGAuMRdetlX8QjqshaIrCCtU7o3L1wYEzRTPqQ5njUKLP84S9fWrsrBIlcoy1a2NeBTj4RsY2qlFShaoT7f13RF7zLYiiLiiWSGYleZ0q8Zw4IYHfduBKW3Ri6pn9dVXEP9tl6Eh8SGlrp7O75tMxxuSRcWu4FumXG3fGmcz54sHD_G7yN7SUGAhkhEqhvy9-iy6RV3V_RfStiR456ql0bcEDSY8hYrcfmh6m4n-uqnveej0_XT9YwRKG_6SDG2_lUEqSm17wDWOQHi4BE801PXOdofyEvjCut0dMG5w&sai=AMfl-YRAsva8iSF7KufuaFuYgcPjK64IGRNtVz4zadOyI7KuqjW7fwMv8Ecqx8ElIQ6fINN0TM8taloRp4_Zjb7hvuH9HV6PyriZz3J-DA1GjECeOQCib2M4LfBj0u_BjDn1Jg&sig=Cg0ArKJSzPDDTSAJbwIaEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 14:57:31 GMT
a4df75e1-8381-409c-b5a0-ff35ff008bf3
https://www.thetimestribune.com/ Frame 5E80 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thetimestribune.com/a4df75e1-8381-409c-b5a0-ff35ff008bf3
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
959c4a6e8dfad550cd19782dba1b1da6b53dd77c09d49596fd677df79530f1a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
6023
Content-Type
application/javascript
b2e76412-a190-499a-bb3e-24fef2659033
https://www.thetimestribune.com/ Frame 5E80 		79 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thetimestribune.com/b2e76412-a190-499a-bb3e-24fef2659033
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ec692c8a9db4c997eae04f7c26ff89dbc361942f87ca62cff545788d41b305c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
80503
Content-Type
application/javascript
1a5d544c-45e6-4eef-9121-cd7c18f18b74
https://www.thetimestribune.com/ Frame 5E80 		79 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thetimestribune.com/1a5d544c-45e6-4eef-9121-cd7c18f18b74
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ec692c8a9db4c997eae04f7c26ff89dbc361942f87ca62cff545788d41b305c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
80503
Content-Type
application/javascript
video-764k.m3u8
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/ Frame 5E80 		317 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/video-764k.m3u8
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
030ad3d019a5a4d704109e6430463eda9456b33dfdd3a5d923d9637ae0a114d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
5CXTWCG848N6MXR4
age
3449
x-cache
HIT
x-amz-meta-surrogate-key
production/74fa72dd32283096b2cfab11b25e5cce/598968
content-length
174
x-amz-id-2
pYQrg8I43Cllv2g1o3WEHNa1SPV1ATYl5O4wcpZLPCwL18pwALJRvq7+LYnJKF7WUsdUkrT74eg=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:13 GMT
server
AmazonS3
x-timer
S1671116251.005128,VS0,VE0
etag
"a7755da6ed1c49874cd64cf411614a8b"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
603
async_usersync
ib.adnxs.com/ Frame F713 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:31 GMT
AN-X-Request-Uuid
c676c819-fa71-436a-b22a-7bd6eb0db917
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
voxcustomdfp152282307853.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxcustomdfp152282307853.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=9&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetimestribune.com&L1id=24002944&L2id=3104622392&L3id=6148324234&L4id=138417154843&S1id=175131904&S2id=22034734345&ord=1671116250463&r=485610234500&t=meas&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.thetimestribune.com%252F&mobile=0&click=0&customInView=0&initW=620&initH=345&initSRE=0.11140625&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&bedc=1&q=1&BSD=safe&BSC=moat_unsure&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
pixel.gif
voxcustomdfp152282307853.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxcustomdfp152282307853.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=9&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetimestribune.com&L1id=24002944&L2id=3104622392&L3id=6148324234&L4id=138417154843&S1id=175131904&S2id=22034734345&ord=1671116250463&r=485610234500&t=bs&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.thetimestribune.com%252F&mobile=0&click=0&customInView=0&initW=620&initH=345&initSRE=0.11140625&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&bedc=1&q=2&BSD=safe&BSC=moat_unsure&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
pixel.gif
voxcustomdfp152282307853.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxcustomdfp152282307853.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=342&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetimestribune.com&L1id=24002944&L2id=3104622392&L3id=6148324234&L4id=138417154843&S1id=175131904&S2id=22034734345&ord=1671116250463&r=485610234500&t=hdn&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.thetimestribune.com%252F&mobile=0&click=0&customInView=0&initW=620&initH=345&initSRE=0.11140625&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&bedc=1&q=3&BSD=safe&BSC=moat_unsure&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
pixel.gif
voxcustomdfp152282307853.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxcustomdfp152282307853.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=42&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetimestribune.com&L1id=24002944&L2id=3104622392&L3id=6148324234&L4id=138417154843&S1id=175131904&S2id=22034734345&ord=1671116250170&r=613832435777&t=meas&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.thetimestribune.com%252F&mobile=0&click=0&customInView=0&initW=620&initH=345&initSRE=0.11140625&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&bedc=1&q=1&BSD=safe&BSC=moat_unsure&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
pixel.gif
voxcustomdfp152282307853.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxcustomdfp152282307853.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=42&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetimestribune.com&L1id=24002944&L2id=3104622392&L3id=6148324234&L4id=138417154843&S1id=175131904&S2id=22034734345&ord=1671116250170&r=613832435777&t=nht&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.thetimestribune.com%252F&mobile=0&click=0&customInView=0&initW=620&initH=345&initSRE=0.11140625&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&bedc=1&q=2&BSD=safe&BSC=moat_unsure&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
pixel.gif
voxcustomdfp152282307853.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxcustomdfp152282307853.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=42&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetimestribune.com&L1id=24002944&L2id=3104622392&L3id=6148324234&L4id=138417154843&S1id=175131904&S2id=22034734345&ord=1671116250170&r=613832435777&t=bs&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.thetimestribune.com%252F&mobile=0&click=0&customInView=0&initW=620&initH=345&initSRE=0.11140625&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&bedc=1&q=3&BSD=safe&BSC=moat_unsure&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
video-764k-00001.ts
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/ Frame 2F07 		424 KB
424 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/video-764k-00001.ts
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ccbbf43514cefd19d0a54e14ced8fc6f332f96b39afbeb3d43b41180266c59e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
via
1.1 varnish
x-amz-request-id
5CXTJXK4351B26BS
age
3449
x-cache
HIT
x-amz-meta-surrogate-key
production/74fa72dd32283096b2cfab11b25e5cce/598968
content-length
434092
x-amz-id-2
q39GGGi5ulR6BdAz26h7InKzseX533oZVq4Bm6Gyge7gt+yQI2KlFgB1Hz1aK647bj7QI8nCWQU=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:13 GMT
server
AmazonS3
x-timer
S1671116251.048691,VS0,VE0
etag
"ba6013762087d45e53f800da5bc958f1"
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
3
pxl
engagefront.theweathernetwork.com/ 		42 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engagefront.theweathernetwork.com/pxl
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.23.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.23.120.34.bc.googleusercontent.com
Software
TornadoServer/4.2 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
via
1.1 google
server
TornadoServer/4.2
etag
"d5fceb6532643d0d84ffe09c40c481ecdf59e15a"
p3p
policyref='/static/w3c/p3p.xml', CP='NOI DSP COR DEVa TAIa OUR BUS UNI'
content-type
image/gif
cache-control
max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Thu, 15 Dec 2022 14:57:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5E80 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1Yn9e_XcBsGVBu9HfQsmu83nlSgfDc8RDYLOatd7tvDfnKajscNRlBuu8LCs72XXN2PhoPpj8GiNP0ke19A7twecj7xwZlDsG8xOiurRXyBpaJWUeReE6XxubLD0V5Tprt_wLXaM56XOijftXW-_z1ueaYgapq2DLzhUFrjAVyt4vSfbr-KZbBWg0lVXWuevU8jOZ3WbyE7PcpkOJWbqY9ipDi8UGQrMIOmuEyYcXVfp6Lj0JnAhIzFsVnc1KsH9_iQAetC4o4_8c9dUNamDhqWz7b1AfFKZe26d6evo_7-BsajxObu2jtPwP8UxTHSAR5Ws2XPVIQP_iqeRiTuHcowlBh1xBTpSUw2wiI6mm1g&sai=AMfl-YQkLDOawn4iY6PFLa7HCckQVzZsmHcQXdDsO2gE6fieENMw4WeI4MelnC0Y4GmJR6LdpM7jBPWBo2nVrLFDjE5rKAyWKdHl0z6MPsXVjjtPEPnqyx9oYHB4QEl9fJCNIA&sig=Cg0ArKJSzLbwaudaSPcBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Dec 2022 14:57:31 GMT
collect
www.google-analytics.com/j/ Frame 2F07 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=900585294&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=620x365&je=0&ec=video&ea=ad%3Astart&el=1014284-1_Branded%20Content%20%7C%20Concert%20%7C%20Branded%20Content%20%7C%20CPV%20Athena_Netflix%3A%C2%A0Bardo_Branded%20Media%20Asset_Immersion_dsk_350179673%20%7C%2090b493bf-ede3-4e64-89e9-78ce1b3c49d9&_u=SAEAAEABCAAAACgAI~&jid=1891838412&gjid=1920200435&cid=333536868.1671116245&tid=UA-96398693-1&_gid=1283124798.1671116245&_r=1&_slc=1&cd3=Athena%20Immersion%20(Standard)&cd18=Netflix&cd19=1026616_Netflix%20-%20Bardo&cd11=&cd21=6148324234&cd22=138417154843&cd23=2a1f8e46-245e-4a36-be2e-21cb1041a01f&cd24=&cd1=598968&cd2=30&z=1613720632
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
voxvidint960547728228.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxvidint960547728228.s.moatpixel.com/pixel.gif?m=1&vpt=107&iv=0&tuv=-1&ivt=0&cvt=0&fvt=0&cfvt=0&vol=0&at=0&cat=0&gmv=0&gmt=0&cgmt=0&apd=107&dh=0&hov=0&th=-1&d=thetimestribune.com&w=620&h=345&sp=0&bfa=1&L1id=Netflix&L2id=1026616_Netflix%20-%20Bardo&L3id=6148324234&L4id=138417154843&S1id=thetimestribune.com&S2id=thetimestribune.com&ord=1671116250956&r=706780601160&t=meas&os=0&fi2=0&div1=0&ait=0&customInView=0&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&mobile=0&bedc=1&q=1&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
pixel.gif
voxvidint960547728228.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxvidint960547728228.s.moatpixel.com/pixel.gif?m=1&vpt=107&iv=0&tuv=-1&ivt=0&cvt=0&fvt=0&cfvt=0&vol=0&at=0&cat=0&gmv=0&gmt=0&cgmt=0&apd=107&dh=0&hov=0&th=-1&d=thetimestribune.com&w=620&h=345&sp=0&bfa=1&L1id=Netflix&L2id=1026616_Netflix%20-%20Bardo&L3id=6148324234&L4id=138417154843&S1id=thetimestribune.com&S2id=thetimestribune.com&ord=1671116250956&r=706780601160&t=nht&os=0&fi2=0&div1=0&ait=0&customInView=0&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&mobile=0&bedc=1&q=2&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
pixel.gif
voxvidint960547728228.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxvidint960547728228.s.moatpixel.com/pixel.gif?m=1&vpt=107&iv=0&tuv=-1&ivt=0&cvt=0&fvt=0&cfvt=0&vol=0&at=0&cat=0&gmv=0&gmt=0&cgmt=0&apd=107&dh=0&hov=0&th=-1&d=thetimestribune.com&w=620&h=345&sp=0&bfa=1&L1id=Netflix&L2id=1026616_Netflix%20-%20Bardo&L3id=6148324234&L4id=138417154843&S1id=thetimestribune.com&S2id=thetimestribune.com&ord=1671116250956&r=706780601160&t=hdn&os=0&fi2=0&div1=0&ait=0&customInView=0&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&mobile=0&bedc=1&q=3&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
collect
www.google-analytics.com/ Frame 2F07 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=900585294&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=620x365&je=0&ec=video&ea=ad%3Aplay&el=1014284-1_Branded%20Content%20%7C%20Concert%20%7C%20Branded%20Content%20%7C%20CPV%20Athena_Netflix%3A%C2%A0Bardo_Branded%20Media%20Asset_Immersion_dsk_350179673%20%7C%2090b493bf-ede3-4e64-89e9-78ce1b3c49d9&_u=SAEAAEABCAAAACgAI~&jid=&gjid=&cid=333536868.1671116245&tid=UA-96398693-1&_gid=1283124798.1671116245&cd3=Athena%20Immersion%20(Standard)&cd18=Netflix&cd19=1026616_Netflix%20-%20Bardo&cd11=&cd21=6148324234&cd22=138417154843&cd23=2a1f8e46-245e-4a36-be2e-21cb1041a01f&cd24=&cd1=598968&cd2=30&z=1329180980
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 21:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63776
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
audio_64k.m3u8
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/ Frame 5E80 		309 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/audio_64k.m3u8
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2e8e12c2a37c4ce2594ba4e4779ca7d26f5e053d14525ac2e31adeaa977dc39

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
TF772SD9TS6RX6R7
age
3450
x-cache
HIT
content-length
172
x-amz-id-2
aHV2hIeS4j2NitSPES1uz71/hmAryPXJM4qKDOeMbYCq4IFrr1IksQ2zQ0WF+ZIWUfNOqIFV1Hw=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:09 GMT
server
AmazonS3
x-timer
S1671116251.116776,VS0,VE0
etag
"bb8cda884d4289424be6371f7f315d42"
vary
Accept-Encoding
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
923
pixel.gif
voxcustomdfp152282307853.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxcustomdfp152282307853.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=655&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetimestribune.com&L1id=24002944&L2id=3104622392&L3id=6148324234&L4id=138417154843&S1id=175131904&S2id=22034734345&ord=1671116250463&r=485610234500&t=nht&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.thetimestribune.com%252F&mobile=0&click=0&customInView=0&initW=620&initH=345&initSRE=0.11140625&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&bedc=1&q=4&BSD=safe&BSC=moat_unsure&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 342D 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:29 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pd
us-u.openx.net/w/1.0/ Frame EED6 		1 KB
638 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Requested by
Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.1710310.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7b7f6dd1c4351caf838aadd7b2972092d630a07a939f7832dd08c55ff9de00b4

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
619
content-type
text/html
date
Thu, 15 Dec 2022 14:57:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
audio_64k-00001.ts
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/ Frame 2F07 		56 KB
57 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/audio_64k-00001.ts
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b236aea82ac2205b60e11db45cbf44fad9115315e12f4c742eb306ce9dfce726

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
via
1.1 varnish
x-amz-request-id
TF76ND80AXYF835Q
age
3450
x-cache
HIT
content-length
57716
x-amz-id-2
P2kUA4daJz27n6Qd0D+d2wBKRDCuDxK9h/OnOLzwqjD0uYS6G/VehPcc3O1cPRNKDqmWJX9GIgU=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:09 GMT
server
AmazonS3
x-timer
S1671116251.163546,VS0,VE0
etag
"2a8f82ef8b8868d7c7da1853aedc40e0"
content-type
video/mp2t
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1217
video-764k-00001.ts
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/ Frame 5E80 		424 KB
424 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/video-764k-00001.ts
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ccbbf43514cefd19d0a54e14ced8fc6f332f96b39afbeb3d43b41180266c59e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
via
1.1 varnish
x-amz-request-id
5CXTJXK4351B26BS
age
3449
x-cache
HIT
x-amz-meta-surrogate-key
production/74fa72dd32283096b2cfab11b25e5cce/598968
content-length
434092
x-amz-id-2
q39GGGi5ulR6BdAz26h7InKzseX533oZVq4Bm6Gyge7gt+yQI2KlFgB1Hz1aK647bj7QI8nCWQU=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:13 GMT
server
AmazonS3
x-timer
S1671116251.164973,VS0,VE0
etag
"ba6013762087d45e53f800da5bc958f1"
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
4
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=VOXVIDINT1&hp=1&wf=1&ra=2&pxm=8&vz=-&zp=0&sgs=2&vb=13&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms&t=1671116251006&de=369412274217&m=0&ar=67fa5e2a4e8-clean&iw=e05e03a&q=15&cb=0&ym=0&cu=1671116251006&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=Netflix%3A1026616_Netflix%20-%20Bardo%3A6148324234%3A138417154843&zMoatProduct=athena-immersion-standard&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&zGSRC=1&gu=https%3A%2F%2Fwww.thetimestribune.com%2F&id=1&ii=4&bo=thetimestribune.com&bd=thetimestribune.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=90b493bf-ede3-4e64-89e9-78ce1b3c49d9&gw=voxvidint960547728228&fd=1&it=500&ti=0&ih=2&pe=1%3A952%3A952%3A0%3A2773&jk=-1&jm=-1&fs=201243&na=1399761298&cs=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
pixel.gif
voxcustomdfp152282307853.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxcustomdfp152282307853.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=242&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetimestribune.com&L1id=24002944&L2id=3104622392&L3id=6148324234&L4id=138417154843&S1id=175131904&S2id=22034734345&ord=1671116250170&r=613832435777&t=hdn&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.thetimestribune.com%252F&mobile=0&click=0&customInView=0&initW=620&initH=345&initSRE=0.11140625&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&bedc=1&q=4&BSD=safe&BSC=moat_unsure&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
collect
www.google-analytics.com/j/ Frame 5E80 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1506855948&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=620x365&je=0&ec=video&ea=ad%3Astart&el=1014284-1_Branded%20Content%20%7C%20Concert%20%7C%20Branded%20Content%20%7C%20CPV%20Athena_Netflix%3A%C2%A0Bardo_Branded%20Media%20Asset_Immersion_dsk_350179673%20%7C%2090b493bf-ede3-4e64-89e9-78ce1b3c49d9&_u=SAEAAEABCAAAACgAI~&jid=&gjid=&cid=333536868.1671116245&tid=UA-96398693-1&_gid=1283124798.1671116245&_slc=1&cd3=Athena%20Immersion%20(Standard)&cd18=Netflix&cd19=1026616_Netflix%20-%20Bardo&cd11=&cd21=6148324234&cd22=138417154843&cd23=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&cd24=&cd1=598968&cd2=30&z=2105113047
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
voxvidint960547728228.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxvidint960547728228.s.moatpixel.com/pixel.gif?m=1&vpt=175&iv=0&tuv=-1&ivt=0&cvt=0&fvt=0&cfvt=0&vol=0&at=0&cat=0&gmv=0&gmt=0&cgmt=0&apd=175&dh=0&hov=0&th=-1&d=thetimestribune.com&w=620&h=345&sp=0&bfa=1&L1id=Netflix&L2id=1026616_Netflix%20-%20Bardo&L3id=6148324234&L4id=138417154843&S1id=thetimestribune.com&S2id=thetimestribune.com&ord=1671116251006&r=369412274217&t=meas&os=0&fi2=0&div1=0&ait=0&customInView=0&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&mobile=0&bedc=1&q=1&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
pixel.gif
voxvidint960547728228.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxvidint960547728228.s.moatpixel.com/pixel.gif?m=1&vpt=175&iv=0&tuv=-1&ivt=0&cvt=0&fvt=0&cfvt=0&vol=0&at=0&cat=0&gmv=0&gmt=0&cgmt=0&apd=175&dh=0&hov=0&th=-1&d=thetimestribune.com&w=620&h=345&sp=0&bfa=1&L1id=Netflix&L2id=1026616_Netflix%20-%20Bardo&L3id=6148324234&L4id=138417154843&S1id=thetimestribune.com&S2id=thetimestribune.com&ord=1671116251006&r=369412274217&t=nht&os=0&fi2=0&div1=0&ait=0&customInView=0&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&mobile=0&bedc=1&q=2&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
pixel.gif
voxvidint960547728228.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxvidint960547728228.s.moatpixel.com/pixel.gif?m=1&vpt=175&iv=0&tuv=-1&ivt=0&cvt=0&fvt=0&cfvt=0&vol=0&at=0&cat=0&gmv=0&gmt=0&cgmt=0&apd=175&dh=0&hov=0&th=-1&d=thetimestribune.com&w=620&h=345&sp=0&bfa=1&L1id=Netflix&L2id=1026616_Netflix%20-%20Bardo&L3id=6148324234&L4id=138417154843&S1id=thetimestribune.com&S2id=thetimestribune.com&ord=1671116251006&r=369412274217&t=hdn&os=0&fi2=0&div1=0&ait=0&customInView=0&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&mobile=0&bedc=1&q=3&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
collect
www.google-analytics.com/ Frame 5E80 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1506855948&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=620x365&je=0&ec=video&ea=ad%3Aplay&el=1014284-1_Branded%20Content%20%7C%20Concert%20%7C%20Branded%20Content%20%7C%20CPV%20Athena_Netflix%3A%C2%A0Bardo_Branded%20Media%20Asset_Immersion_dsk_350179673%20%7C%2090b493bf-ede3-4e64-89e9-78ce1b3c49d9&_u=SAEAAEABCAAAACgAI~&jid=&gjid=&cid=333536868.1671116245&tid=UA-96398693-1&_gid=1283124798.1671116245&cd3=Athena%20Immersion%20(Standard)&cd18=Netflix&cd19=1026616_Netflix%20-%20Bardo&cd11=&cd21=6148324234&cd22=138417154843&cd23=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&cd24=&cd1=598968&cd2=30&z=184842099
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 21:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63776
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame 2F07 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-96398693-1&cid=333536868.1671116245&jid=1891838412&gjid=1920200435&_gid=1283124798.1671116245&_u=SAEAAEAACAAAACgAI~&z=721422931
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 15 Dec 2022 14:57:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
53233
i6.liadm.com/s/ Frame EED6
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=c210d892-2778-019d-37f1-283e2ed75adb
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=c210d892-2778-019d-37f1-283e2ed75adb&previous_uuid=04b6654fdcb34b9881ddaa46c553b791
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!{TURN_UUID}
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3560567457612390603
  • https://i6.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3560567457612390603
43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3560567457612390603
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:e5e8:a01c:2029:474f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:31 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3560567457612390603
Date
Thu, 15 Dec 2022 14:57:31 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
g.pixel
aa.agkn.com/adscores/ Frame EED6 		43 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=de24e468-5f6e-007d-1f35-58b224870912
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.184.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-51.cmh68.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
via
1.1 dfadeb49b0e79d8ca3251c51b8dc6acc.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
CMH68-P2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
KDRUlTkO5vI2mZYzeN27AKZcsVo-P5uRyz56yuyePHH9nz1XMI-x4A==
expires
0
37274
stags.bluekai.com/site/ Frame EED6 		62 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=e5b25cb0-25d5-066d-0f80-4b1c3f11fb87
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.211.156 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-44-211-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
745f
expires
Thu, 01 Dec 1994 16:00:00 GMT
709996.gif
id.rlcdn.com/ Frame EED6 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame EED6
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=dd2830f3-42d8-07a2-03e2-4f7940739505&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=Y5s122ZigEJqFWQC55-GhmWO
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=Y5s122ZigEJqFWQC55-GhmWO
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 14:57:31 GMT
server
Aorta/20221212.e40ee77a0
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=Y5s122ZigEJqFWQC55-GhmWO
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
f07cb89032bd
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame EED6
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=HfCOKrkkgsKTA5iPd1ihjg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:30 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
bt9fmg56je5n40uoo07uue401oci6u7p

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EED6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=25b0639b-35d8-4a00-967b-6b3a039ff7a4
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=25b0639b-35d8-4a00-967b-6b3a039ff7a4
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 15 Dec 2022 14:57:31 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x54 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=25b0639b-35d8-4a00-967b-6b3a039ff7a4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 14:57:30 GMT
sd
us-u.openx.net/w/1.0/ Frame EED6
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=b01a49f8-8e86-477e-8aa4-15060e6da8b6
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=b01a49f8-8e86-477e-8aa4-15060e6da8b6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=b01a49f8-8e86-477e-8aa4-15060e6da8b6
Date
Thu, 15 Dec 2022 14:57:31 GMT
Connection
keep-alive
X-CI-RTID
f0540803-dc37-4018-86e8-3e7a49d82da5
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame EED6
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=37c684cb-9798-4dd2-bc59-135fe6a7d8b4-639b35db-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=37c684cb-9798-4dd2-bc59-135fe6a7d8b4-639b35db-5553&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:30 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=37c684cb-9798-4dd2-bc59-135fe6a7d8b4-639b35db-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame EED6 		95 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=c4d877ea-4ba5-066b-3f96-4cee97cd5a38
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=b57fc54c-d3aa-4ec1-8cb3-aa1b43dba69f&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
audio_64k-00001.ts
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/ Frame 5E80 		56 KB
56 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/audio_64k-00001.ts
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b236aea82ac2205b60e11db45cbf44fad9115315e12f4c742eb306ce9dfce726

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
via
1.1 varnish
x-amz-request-id
TF76ND80AXYF835Q
age
3450
x-cache
HIT
content-length
57716
x-amz-id-2
P2kUA4daJz27n6Qd0D+d2wBKRDCuDxK9h/OnOLzwqjD0uYS6G/VehPcc3O1cPRNKDqmWJX9GIgU=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:09 GMT
server
AmazonS3
x-timer
S1671116251.254583,VS0,VE0
etag
"2a8f82ef8b8868d7c7da1853aedc40e0"
content-type
video/mp2t
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1218
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=2&pxm=8&vz=-&zp=0&sgs=2&vb=13&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.thetimestribune.com%2F-&i=VOXVIDINT1&ol=2170206829&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eWpqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-3w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=0&h=345&w=620&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.thetimestribune.com%2F&id=1&ii=4&f=0&j=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms&t=1671116250956&de=706780601160&cu=1671116250956&m=142&ar=67fa5e2a4e8-clean&iw=e05e03a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9915&le=1&lf=0&lg=1&lh=57&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A952%3A952%3A0%3A2773&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=107&cd=0&ah=107&am=0&dq=107&dr=0&ds=107&dt=0&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&rf=0&re=0&wm=1&wi=0&zMoatCustomParams=50%25%3A10000sec%3Acumulative%3Anotaudible&cl=0&at=0&d=Netflix%3A1026616_Netflix%20-%20Bardo%3A6148324234%3A138417154843&bo=thetimestribune.com&bd=thetimestribune.com&gw=voxvidint960547728228&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=90b493bf-ede3-4e64-89e9-78ce1b3c49d9&zMoatProduct=athena-immersion-standard&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=201243&na=1588755434&cs=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
liveView.php
live.primis.tech/live/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=105129&cbuster=1671116251308&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:3c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5e58e54ffd565c483df9dad3c0b4c1825bdace681a26fb396308a9745e1ad0e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
content-encoding
gzip
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
UYm9uDyTnjm4g0t_aRUj3b46aEqyJ4ss689YUXDfr7V8YasG3V5aJA==
config.js
cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/ 		121 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNNWDH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b934bf659361398e91529639181af83a3f96aa8553a24d39e61d99e8b22c19b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Dec 2022 14:01:19 GMT
server
cloudflare
x-amz-request-id
B2ZX7A4XKD4CVA13
age
424
etag
W/"187dd6e0b99412427c51845d708d1e43"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
77a0083afcd68cbd-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
MZXvmeOKzWg7+nSPrJWqIOjuD849gX3V1qTO/wD4Zr9rRekMOt5QC5gZKHm0rT4B9NwFER7EkSk=
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&wf=1&ra=2&pxm=8&vz=-&zp=0&sgs=2&vb=13&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=VOXVIDINT1&ol=2170206829&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eWpqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-3w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=1&h=345&w=620&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.thetimestribune.com%2F&id=1&ii=4&f=0&j=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms&t=1671116250956&de=706780601160&cu=1671116250956&m=147&ar=67fa5e2a4e8-clean&iw=e05e03a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9915&le=1&lf=0&lg=1&lh=57&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A952%3A952%3A0%3A2773&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=107&cd=107&ah=107&am=107&dq=107&dr=107&ds=107&dt=107&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ef=0&rf=0&re=0&wm=1&wi=0&zMoatCustomParams=50%25%3A10000sec%3Acumulative%3Anotaudible&cl=0&at=0&d=Netflix%3A1026616_Netflix%20-%20Bardo%3A6148324234%3A138417154843&bo=thetimestribune.com&bd=thetimestribune.com&gw=voxvidint960547728228&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=90b493bf-ede3-4e64-89e9-78ce1b3c49d9&zMoatProduct=athena-immersion-standard&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tc=0&fs=201243&na=251290695&cs=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212121148/ 		210 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202212121148/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/yjsuMg1kkWeWHf5qo2WHhexYOVs/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 16:50:50 GMT
server
cloudflare
x-amz-request-id
1VHPK00KTHJ4FPY9
age
245067
etag
W/"a295e934190c6de7fe47fed7fbac382f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
77a0083b7fd5c422-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
MCZHO1FasWwZ9oy96gFXK+uDb4Z8WPkZCipwinN5I9HWjSblShx1x815/ufecZ/xhWbhYGC60JIwT9otFAqG1g==
diberp-tcx-v7.13.0.js
www.americanhometownmedia.com/static/ 		328 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.58.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.58.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 19:16:18 GMT
content-encoding
gzip
age
1453273
x-guploader-uploadid
ADPycds21cqE61qnjP0dYjjkLtv0ZZZYCxmxSu8kYShlV8hvpQB2VVawh3C5q0YQKm3J_s129BkTOYv69uY2nwkkB_Es97lOPsgT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104504
last-modified
Mon, 29 Aug 2022 14:20:21 GMT
server
UploadServer
etag
"f085c7609fb7c47fb72fd768d721373e"
vary
Accept-Encoding,Origin
x-goog-generation
1661782821233427
x-goog-hash
crc32c=qwVX7w==, md5=8IXHYJ+3xH+3L9do1yE3Pg==
content-type
text/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
104504
accept-ranges
bytes
expires
Tue, 28 Nov 2023 19:16:18 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9e81efc856f66a33ff45c199b47b90901d3257c7fad177816870c892e7acc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27536
x-xss-protection
0
server
sffe
etag
"1422 / 969 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Dec 2022 14:57:31 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=2&pxm=8&vz=-&zp=0&sgs=2&vb=13&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.thetimestribune.com%2F-&i=VOXVIDINT1&ol=2170206829&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eWpqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-3w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=0&h=345&w=620&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.thetimestribune.com%2F&id=1&ii=4&f=0&j=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms&t=1671116251006&de=369412274217&cu=1671116251006&m=193&ar=67fa5e2a4e8-clean&iw=e05e03a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9915&le=1&lf=0&lg=1&lh=97&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A952%3A952%3A0%3A2773&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=175&cd=0&ah=175&am=0&dq=175&dr=0&ds=175&dt=0&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&rf=0&re=0&wm=1&wi=0&zMoatCustomParams=50%25%3A10000sec%3Acumulative%3Anotaudible&cl=0&at=0&d=Netflix%3A1026616_Netflix%20-%20Bardo%3A6148324234%3A138417154843&bo=thetimestribune.com&bd=thetimestribune.com&gw=voxvidint960547728228&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=90b493bf-ede3-4e64-89e9-78ce1b3c49d9&zMoatProduct=athena-immersion-standard&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=2&jm=-1&tc=0&fs=201243&na=1946888978&cs=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&wf=1&ra=2&pxm=8&vz=-&zp=0&sgs=2&vb=13&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=VOXVIDINT1&ol=2170206829&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eWpqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-3w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=8&g=1&h=345&w=620&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.thetimestribune.com%2F&id=1&ii=4&f=0&j=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms&t=1671116251006&de=369412274217&cu=1671116251006&m=195&ar=67fa5e2a4e8-clean&iw=e05e03a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9915&le=1&lf=0&lg=1&lh=97&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A952%3A952%3A0%3A2773&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=175&cd=175&ah=175&am=175&dq=175&dr=175&ds=175&dt=175&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ef=0&rf=0&re=0&wm=1&wi=0&zMoatCustomParams=50%25%3A10000sec%3Acumulative%3Anotaudible&cl=0&at=0&d=Netflix%3A1026616_Netflix%20-%20Bardo%3A6148324234%3A138417154843&bo=thetimestribune.com&bd=thetimestribune.com&gw=voxvidint960547728228&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=90b493bf-ede3-4e64-89e9-78ce1b3c49d9&zMoatProduct=athena-immersion-standard&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tc=0&fs=201243&na=98047182&cs=0
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:31 GMT
liveView.php
live.primis.tech/live/ Frame A265 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=105129&cbuster=1671116251308&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1671116251&pubUrlAuto=https%3A%2F%2Fwww.thetimestribune.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1671116251308&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:3c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
31ac0e2d662ac17b7643e4118219024b8c3a86dd90305782542b8940143d0163

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
content-encoding
gzip
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
yZt9BaYwNZ_wFa79SjD7nYd9QazGpoXPAlLuGj15kumBsAwdrO6X_g==
PugMaster
image6.pubmatic.com/AdServer/ Frame 0088 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20826618&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5c79925707272c212f7217569040807d4254b8b9ff370d0e663d125d17d77fca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 14:57:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 2C90
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:25b0639b-35d8-4a00-967b-6b3a039ff7a4&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=abd394bb-3e4c-4e06-a4d4-d431ec606011&user_group=1&ssp=pubmatic&bsw_param=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
1 B
55 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 14:57:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 14:57:32 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 0414
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBdEhrN0hObXdBQUNJYTB4eWN3dw&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAAtHk7HNmwAACIa0xycww&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas,pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAtHk7HNmwAACIa0xycww&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1743175450290086261&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAtHk7HNmwAACIa0xycww&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1743175450290086261%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1743175450290086261&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAAtHk7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAtHk7HNmwAACIa0xycww&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAtHk7HNmwAACIa0xycww&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 14:57:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 14:57:32 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAtHk7HNmwAACIa0xycww&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
ImgSync
image8.pubmatic.com/AdServer/ Frame 7631
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=57988376775515890&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 15 Dec 2022 14:57:30 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
usersync.aspx
dis.criteo.com/dis/ Frame D324 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 14:57:31 GMT
expires
Thu, 15 Dec 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
584200
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 55CD
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_cc8d6b8303884f4bae5cf
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
  • https://a.usbrowserspeed.com/cs?puid=f547bf67-3a8c-5584-ad26-31dc2e5fd110&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=d838a010-d969-4065-bd0a-9112066ae39c&expires=5&user_group=0&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
1 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 14:57:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 14:57:32 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame A217
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=OTI-2jw0Y40iYDTeN2Uq2W5iNYwiZT-AbmfA4llt
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=bf366404-1d0c-476a-946f-44374452a18f&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
1 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 14:57:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 14:57:31 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Server
nginx
usersync
usersync.gumgum.com/ Frame 85A3 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=265CC617-1E50-470A-96B5-657054BAA8F9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:31 GMT
Expires
0
Pragma
no-cache
qmap
sync.crwdcntrl.net/ Frame 0088
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent=&ct=y
49 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Server
52.207.194.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-194-90.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.8.14
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.40.6.121
content-length
0
expires
0
/
io.narrative.io/ Frame 0088
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:265CC617-1E50-470A-96B5-657054BAA8F9
  • https://io.narrative.io/?io.narrative.guid.v2=cd32fa20-7c88-11ed-be1a-12592cdca9e3&companyId=673&id=pubmatic_id:265CC617-1E50-470A-96B5-657054BAA8F9
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=cd32fa20-7c88-11ed-be1a-12592cdca9e3&companyId=673&id=pubmatic_id:265CC617-1E50-470A-96B5-657054BAA8F9
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Server
54.204.251.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-251-148.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:31 GMT
Cache-Control
no-cache
Server
nginx/1.22.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=cd32fa20-7c88-11ed-be1a-12592cdca9e3&companyId=673&id=pubmatic_id:265CC617-1E50-470A-96B5-657054BAA8F9
Date
Thu, 15 Dec 2022 14:57:31 GMT
Server
nginx/1.22.0
Connection
keep-alive
Content-Length
0
g.pixel
aa.agkn.com/adscores/ Frame 0088 		43 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=265CC617-1E50-470A-96B5-657054BAA8F9
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.184.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-51.cmh68.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:31 GMT
via
1.1 dfadeb49b0e79d8ca3251c51b8dc6acc.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
CMH68-P2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
-mK366VKNjZizQK0Rm_pfxhNzknX7Yx0ZTa405J3ixntiD_QBCpGdA==
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 0088
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=265CC617-1E50-470A-96B5-657054BAA8F9&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=265CC617-1E50-470A-96B5-657054BAA8F9&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=265CC617-1E50-470A-96B5-657054BAA8F9&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:31 GMT
Frontend-ID
10
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:31 GMT
Frontend-ID
0
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=265CC617-1E50-470A-96B5-657054BAA8F9&sInitiator=external&gdpr=0&gdpr_consent=
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 0088
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3b5af524dfd3161e&is_secure=true&networkId=17100&version=1&nuid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAHyc6i5UI2ZANj__WaAAAAAAA&expiration=1671202651&nuid=265CC617-1E50-470A-96B5-657054BAA8F9&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=37c684cb-9798-4dd2-bc59-135fe6a7d8b4-639b35db-5553&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 15 Dec 2022 14:57:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 0088
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b01a49f8-8e86-477e-8aa4-15060e6da8b6&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
  • https://a.usbrowserspeed.com/cs?puid=e0b0c194-9e2a-5f0b-a5fa-c80f075d4e26&pid=lc&r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=d838a010-d969-4065-bd0a-9112066ae39c&expires=5&user_group=0&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
1 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 14:57:32 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 15 Dec 2022 14:57:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame 0088
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B330_FAF05FF1_28747F0E&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Server
204.2.255.233 Pompano Beach, United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-354103051; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:31 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-354103051; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 15 Dec 2022 14:57:31 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 0088 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.95.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-95-148.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
hls.0.12.4_3.min.js
live.primis.tech/content/video/hls/ Frame A265 		258 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1671116251308&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1671116251&pubUrlAuto=https%3A%2F%2Fwww.thetimestribune.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:3c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
content-encoding
gzip
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 12:48:35 GMT
server
nginx
x-amz-cf-pop
CMH68-P2
etag
W/"623b1723-409bc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
C1GwafNH2pU-_STu1vS9lL2jyapfm80wnI3aQ3zTsdtF94NzmywpfQ==
expires
Fri, 15 Dec 2023 14:57:31 GMT
prebidVid.7.16.0_4.min.js
live.primis.tech/content/prebid/ Frame A265 		510 KB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1671116251308&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1671116251&pubUrlAuto=https%3A%2F%2Fwww.thetimestribune.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:3c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f4961a18ce15e6ac3cc8a3583a62b84118879492071f3501e6a57fee6b89cf96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:30 GMT
content-encoding
gzip
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
last-modified
Mon, 31 Oct 2022 08:19:20 GMT
server
nginx
x-amz-cf-pop
CMH68-P2
etag
W/"635f8508-7f9a4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, public
accept-ranges
bytes
x-amz-cf-id
W3W9pNSnfjIOtwrZFsYIV-FMEANtMF4coDGo22ipHAG1w5riBaiRcQ==
expires
Fri, 15 Dec 2023 14:57:30 GMT
liveVideo.php
live.primis.tech/live/ Frame A265 		591 KB
231 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D31355F31367D7B7331353038393436337D7B4333307D7B53643364334C6E526F5A5852706257567A64484A70596E56755A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a0d%3A5600%3A24%3A1400%3A1011%3Ae903%3Ae9ff%3Ab5cd&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=639b35db96a06&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=40.7157&geoLong=-74&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=105129&cbuster=1671116251308&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&subId=[SUBID_ENCODED]&vp_content=plembed2ec7uiqgvwtyt&vp_template=7898&schain=1.0,1!americanhometownmedia.com,00021,1&cbuster=1671116251&pubUrlAuto=https%3A%2F%2Fwww.thetimestribune.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:3c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4eeafa7e773c381337f58b0eb4dfe7579e0f3bb26df2dbf3a00cf209a057429c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:31 GMT
content-encoding
gzip
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
x-amz-cf-id
J2gdc8xnQTxKY54yb04uEpxExLg2Ia-4rY4-apoXwHnqbbzL7NJziw==
async_usersync
ib.adnxs.com/ Frame 2694 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:31 GMT
AN-X-Request-Uuid
e868eb2c-e32f-4be1-a0f4-a0bc76c47d4a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F713 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:32 GMT
AN-X-Request-Uuid
fcf1d3aa-5ac3-4a84-ad7a-cbd8e2306009
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
audio_64k-00002.ts
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/ Frame 2F07 		52 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/audio_64k-00002.ts
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
facbb9d2a1e30a85a089c59276bbbf78a9ed98230020a76c873cee3a4d51741c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:32 GMT
via
1.1 varnish
x-amz-request-id
TF71Q56W15N13034
age
3451
x-cache
HIT
content-length
53016
x-amz-id-2
8XtoVfsCYTMjrzIX5xp4x3JgBYOVyaKg3+q9U2071AH70G76435bqTkOIGGRAzHsUXJ/1Qn2mFQ=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:09 GMT
server
AmazonS3
x-timer
S1671116252.406792,VS0,VE0
etag
"3378dce33677749f4304e49b21661073"
content-type
video/mp2t
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1151
audio_64k-00002.ts
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/ Frame 5E80 		52 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/audio_64k-00002.ts
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
facbb9d2a1e30a85a089c59276bbbf78a9ed98230020a76c873cee3a4d51741c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:32 GMT
via
1.1 varnish
x-amz-request-id
TF71Q56W15N13034
age
3451
x-cache
HIT
content-length
53016
x-amz-id-2
8XtoVfsCYTMjrzIX5xp4x3JgBYOVyaKg3+q9U2071AH70G76435bqTkOIGGRAzHsUXJ/1Qn2mFQ=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:09 GMT
server
AmazonS3
x-timer
S1671116252.474098,VS0,VE0
etag
"3378dce33677749f4304e49b21661073"
content-type
video/mp2t
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1152
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=2oebu0&_p=1089137470&cid=333536868.1671116245&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&dt=thetimestribune.com%20%7C%20Your%20Life.%20Your%20Paper.&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&sid=1671116245&sct=1&seg=0&dr=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video-764k-00002.ts
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/ Frame 2F07 		386 KB
387 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/video-764k-00002.ts
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2fcf5e55b78e1a420c535587437e96998c57a88507cbce21f7ca95c1527e140

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:32 GMT
via
1.1 varnish
x-amz-request-id
5CXZHZV3XQPFM8AS
age
3450
x-cache
HIT
x-amz-meta-surrogate-key
production/74fa72dd32283096b2cfab11b25e5cce/598968
content-length
395740
x-amz-id-2
a+iLzvmt6kiEJoM28SjF7YT8/UbTqMSPl1nUtNZlyY/WGaPgjM9aOa7/yCSS8gbn/hIKaH+GaWc=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:13 GMT
server
AmazonS3
x-timer
S1671116253.881260,VS0,VE0
etag
"c8092b3bd3dd76ef3fb932befecc6184"
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
2
video-764k-00002.ts
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/ Frame 5E80 		386 KB
387 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/video-764k-00002.ts
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2fcf5e55b78e1a420c535587437e96998c57a88507cbce21f7ca95c1527e140

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:32 GMT
via
1.1 varnish
x-amz-request-id
5CXZHZV3XQPFM8AS
age
3450
x-cache
HIT
x-amz-meta-surrogate-key
production/74fa72dd32283096b2cfab11b25e5cce/598968
content-length
395740
x-amz-id-2
a+iLzvmt6kiEJoM28SjF7YT8/UbTqMSPl1nUtNZlyY/WGaPgjM9aOa7/yCSS8gbn/hIKaH+GaWc=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:13 GMT
server
AmazonS3
x-timer
S1671116253.971743,VS0,VE0
etag
"c8092b3bd3dd76ef3fb932befecc6184"
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
3
%7B%22adCsm%22:[%7B%22ns%22:1671116249441,%22st%22:%22172.60%22,%22re%22:%22286.40%22,%22ldTot%22:%22113.80%22%7D,%7B%22lteu%22:%220.00%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.10%22,%22csmTot%22:%...
aax-us-east.amazon-adsystem.com/x/px/RFqUDIn18a-aDX5gCZNfFawAAAGFFkpZwwEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB/ Frame 107C 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-us-east.amazon-adsystem.com/x/px/RFqUDIn18a-aDX5gCZNfFawAAAGFFkpZwwEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB/%7B%22adCsm%22:[%7B%22ns%22:1671116249441,%22st%22:%22172.60%22,%22re%22:%22286.40%22,%22ldTot%22:%22113.80%22%7D,%7B%22lteu%22:%220.00%22,%22ltut%22:%220.00%22,%22ltpq%22:%220.10%22,%22csmTot%22:%223.00%22%7D],%22pixelId%22:%228zqgr8y5dzq%22,%22ts%22:1671116253045,%22ver%22:%22r-1.30-v2%22%7D?cb=1703618
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.177 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://aax-us-east.amazon-adsystem.com/e/ax/creative?b=JFqUDIn18a-aDX5gCZNfFawAAAGFFkpXrgEAAAV4AUEzcHhfdHhuX2JpZDIgICBOL0EgICAgICAgICAgICCY2aLB&c=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrIb12DWbY4ikMYqZoPwPup-tgAKU6Z70XJWosJVkwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNzMyNzY2MjQwODMwMzE1NsgBCeACAKgDAaoEsAJP0JmYLwApV9UMllBr1gSm-zmAdnGBk3C8OnkIjLNxj89qbh0sVuUTlmZcBC-zcD7nt61uSvBWikLVq61Mp3PcS8gzswa2FfQmZgiRzloPK9DI3c4367NF_-yqTd_BaqVhab3wBdFlfvoK7QU33A4s3f0WxzXtoi6IMkrvJ4ZvlsDO6U9uRb3RopVKi7kR1B8VRb1HwsKSjnKiBJs1KPnQ9oRR19HknktqqNrpJMnXbLP0nagFWJ8E4F0ULWOj80DU5HNNpY4mrz3p4KELj_ui0DY_9rb1TQPHVj2f-IAJVRROWsjgde0Y0zJybY5Xemo-4V1MqC6A6q5D9C2tJh00p4yr8k_y2zEbYKIS4rllWps9lpIM5a6g9JeSrOnCamVccaR_8o6kP_CnmALpK_GX4AQBgAaG3a-654KsgHOgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3qMt6Nnb4G9pMr5nhTXyZrBXSAPQ%26client%3Dca-pub-7327662408303156%26adurl%3D&w=Y5s12AAMUggJiAyKAAtPuio1zHxmw8Nk9Ktq2w&s=300x600&bcv=1&bc=cLHUQlZen.NLoIERIw5eV8kQdC.pj8s6R.tkhsH9VIOlaAY6I.aNpDI8Hu1tGgUCjFSKfA4tFqBxCvf8WW4MER1MQZ81Uo4MmXBz52LfJDG-wf9RO2zlNsCt6AsIC9vIDVNATtd0qFkm2t7J5cITLzIRVHeZllOVdPaPrkeatz.DuVwzXqAk3qMnrHMhLT0AWmqjy1z1Zsr5bz5GlDpV9bqmixuM85dqgNy-v4vcWaVfNRJ8URfXHBywVoCFOFQipelbz8b.aawhVHtc5xIaTgKYuGSMVUBTqz-HNpAnX2nIeAmZ0RUGvTVtHkwVPfZand8s95Rsg3htDsZ6xQbbXqDDjUozI2A2SHBGiOQDQTKm4ZVjeSjSBrErfkZQaU9FBG17YQXIi2H06d15CX2R8XO5xgvrMvmXbxgYoH4on7B-F59VS1gf3IsdUKbpiCtIIU8-WtdjeWo2O1Kqixxhm4WDzisLkUklHXjthuRUIAD-7pl1pO1BkQZra-zWuceeZl2Kx.SL4fypoMsRwOsbIsHEROaGhp8wNtVdoV001R9ua7BokuPmd7d0ReAYKCUwB02J-0pApiN0gQNLabEM7vn31fGJw4V4Kz1iriSCYokKIGaBiPrsox82w5byI7Bg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:33 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HPHKQ26PYHHJZVQ0KHAN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D31355F31367D7B7331353038393436337D7B4333307D7B53643364334C6E526F5A5852706257567A64484A70596E56755A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a0d%3A5600%3A24%3A1400%3A1011%3Ae903%3Ae9ff%3Ab5cd&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=639b35db96a06&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=40.7157&geoLong=-74&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:3c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:32 GMT
content-encoding
gzip
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
last-modified
Wed, 09 Feb 2022 07:06:30 GMT
server
nginx
x-amz-cf-pop
CMH68-P2
etag
W/"620367f6-465a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
FijIwDsKamkes0JgZoXEsvQJLCEuiQstBwphC01eHDwOZR4XB1X9pw==
apstag.js
c.amazon-adsystem.com/aax2/ Frame A265 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D31355F31367D7B7331353038393436337D7B4333307D7B53643364334C6E526F5A5852706257567A64484A70596E56755A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a0d%3A5600%3A24%3A1400%3A1011%3Ae903%3Ae9ff%3Ab5cd&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=639b35db96a06&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=40.7157&geoLong=-74&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.168.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-168-23.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c1e1c3ae7f9b71951f0539bbea7738054c26fee2e896ebb54f253db765d4c84

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:00:45 GMT
content-encoding
gzip
via
1.1 ed11b381965875f4766a15a39ce86a5a.cloudfront.net (CloudFront), 1.1 7e4c775b563a7a47cbdf48a806a6bd2a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Dec 2022 21:39:34 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1, CMH68-P1
age
3409
etag
W/"909ff158818033daa43a2d271ecda3db"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
jy6pefFYFXxu3E4XuNGd9K32TUzec8WIXqzqydt4_8Rgv2bGYge0MQ==
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame A265 		92 B
907 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=793790479&pt=17&dpn=1&jsver=5.09&iiqidtype=2&iiqpcid=d782e5ff-290e-4b35-8cac-6a4975bee983&iiqpciddate=1671116253287&iiqcallcount=0&iiqfailcount=0&iiqnodata=false&iiqlocalstorageenabled=true&tsrnd=209_1671116253289&cttl=43200000&rrtt=0&dud=0&abtg=A&iiqppcc=0&vrref=https%3A%2F%2Fwww.thetimestribune.com%2F&ref=www.thetimestribune.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D31355F31367D7B7331353038393436337D7B4333307D7B53643364334C6E526F5A5852706257567A64484A70596E56755A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a0d%3A5600%3A24%3A1400%3A1011%3Ae903%3Ae9ff%3Ab5cd&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=639b35db96a06&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=40.7157&geoLong=-74&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.172.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-172-121.cmh68.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
dc9b9f50d84004d050c7d2e03d7448c3c80970e538d48b6913cffde4931f07c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:33 GMT
via
1.1 773037e393cd6076bf819021d17f11ea.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://www.thetimestribune.com
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
nDnRjpxUBACyoR6CTqUgtn_kvmA82uPoqT9tu1tpDf0YEahaB82low==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame A265
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=860871&iiqidtype=2&iiqpcid=d782e5ff-290e-4b35-8cac-6a4975bee983&iiqpciddate=1671116253287&tsrn...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=793790479&rnd=860871&iiqidtype=2&iiqpcid=d782e5ff-290e-4b35-8cac-6a4975bee983&iiqpciddate=1671116253287&tsr...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D793790479%26rnd%3D...
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5409130810637765558
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:32 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 15 Dec 2022 14:57:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame A265 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.168.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-168-23.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding
gzip
via
1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront)
date
Thu, 15 Dec 2022 09:02:00 GMT
x-amz-cf-pop
CMH68-P1
age
21334
x-cache
Hit from cloudfront
last-modified
Wed, 07 Dec 2022 02:43:04 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
y5wJ2QKL9ldHrSbFGC-vdXHC7hCZbBk7815by2XJ2v_9QeiOY2Kh7w==
css
fonts.googleapis.com/ 		1 KB
432 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D31355F31367D7B7331353038393436337D7B4333307D7B53643364334C6E526F5A5852706257567A64484A70596E56755A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a0d%3A5600%3A24%3A1400%3A1011%3Ae903%3Ae9ff%3Ab5cd&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=639b35db96a06&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=40.7157&geoLong=-74&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 14:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Dec 2022 13:16:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Dec 2022 14:57:33 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 3A1D
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D98%26advUuid%3D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=98&advUuid=3503e2a6-5ce4-031f-3112-421b4809d821
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1486637409&pcid=3503e2a6-5ce4-031f-3112-421b4809d821
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1486637409%26rnd%3D...
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=57988376775515890
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D31355F31367D7B7331353038393436337D7B4333307D7B53643364334C6E526F5A5852706257567A64484A70596E56755A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a0d%3A5600%3A24%3A1400%3A1011%3Ae903%3Ae9ff%3Ab5cd&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=639b35db96a06&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=40.7157&geoLong=-74&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Thu, 15 Dec 2022 14:57:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 15 Dec 2022 14:57:32 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
ssbsync.smartadserver.com/api/ Frame B2E4 		829 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=0&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D31355F31367D7B7331353038393436337D7B4333307D7B53643364334C6E526F5A5852706257567A64484A70596E56755A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a0d%3A5600%3A24%3A1400%3A1011%3Ae903%3Ae9ff%3Ab5cd&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=639b35db96a06&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=40.7157&geoLong=-74&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.182 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
cfadb856e85534f7724aa633267d37b3fb272cc18f7abae220019895a6768867

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
829
content-type
text/html
date
Thu, 15 Dec 2022 14:57:33 GMT
liveView.php
live.primis.tech/live/ Frame A265 		19 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTEyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNWRzMmI1YTxkYzM4ODx5NmImNTplMl5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRWn1cdTXyOV0U1TVqKnx9EZmVPVGN5TXcVM01dTXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzN4TURVMU1dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx56RXyOVEU0TWcBS2ZRLaM4o0qMpENKQ0RznVqyVzVSOFQlUVRmQV94qWImRxJfoXZlQVJMQyc2VUxzqzyxX2NioaRyoaRsnWQ9NwAlMmQjJaZcZF9wo250ZW50X2Ryp2M9SG93K3RiK1ByZWjeUG90YXRiZXMzqzyxX2NioaRyoaRsqGy0oGU9SG93K3RiK1ByZWjeUG90YXRiZXMzqzyxX2NioaRyoaRsZHVlYXRco249NTAzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kMTx3NSZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyqGygZXN0pzyvqW5yLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMTMlMxQmMTM1NUYmMTM2N0Q3QwpmMmEmNTMjMmtmOTM0MmYmMmqEN0I0MmMmMmA3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1ODUlNmA2MwU3NTY3QTY0NDt0QTpjNTx2RTU2NmU1QTUmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmImNTqEN0I2NwMkN0Q3QwRDMmpmODM5Mmt3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPTQjLwpkNTpzZ2ViTG9hZm0gNmQzqXNypxyjQWRxpw0lYTBxJTNBNTYjMCUmQTI0JTNBMTQjMCUmQTEjMTEyM0FyOTAmJTNBZTyzZvUmQWI1Y2QzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjOC4jLwUmNTxhMTI0K1NuZzFlnSUlRwUmNl4mNvZmY2uunW49MS4jJTJDMSUlMWFgZXJcY2FhnG9gZXRiq25gZWRcYS5wo20yMxMjMDAlMSUlQmEzpGkurWVlQXBcSWQ9JzF2YWyfQ2FgpGFcZ25mPSZwp3V1nWQ9NwM5YwM1ZGI5NzEjNvZwYaVmqGVlPTE2NmEkMTYlNTM0NwM=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D31355F31367D7B7331353038393436337D7B4333307D7B53643364334C6E526F5A5852706257567A64484A70596E56755A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a0d%3A5600%3A24%3A1400%3A1011%3Ae903%3Ae9ff%3Ab5cd&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=639b35db96a06&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=40.7157&geoLong=-74&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:3c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
11b2d411b6cd682f019c5471f70f650726f20006977bc023c666f38ad8106abb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:32 GMT
content-encoding
gzip
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.thetimestribune.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
4671
x-amz-cf-id
ki9Q0ZApgoKEgbf5r-DPGfj3MrjhFTC9sDevQxksV7cmwfE1PpnJDA==
liveView.php
live.primis.tech/live/ 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY3MTEkNwI1MSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MTI5JaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql50nGV0nW1yp3RlnWJ1ozUhY29gJaN1YxyxPXq3ql50nGV0nW1yp3RlnWJ1ozUhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmEmMwJEMmEmNTVGMmEmNwqEN0I3MmMkMmUmMDM4MmxmNDM2MmM3RDqCNDMmMmMjN0Q3QwUmNwQmMmY0MmM0QmZFNTI2RwVBNTt1MwpjNwI1NmU2N0E2NDQ4NEE3MDU5NxU1Nwp1NUE1MmM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNDMjMmA3RDqCNTxmMwMlMmU3RDqCNwYmMTqEN0I0QmM3MmtmOTM4N0RGRUZFJzRcYWyxPSZ1p2VlSXBBZGRlPTJuMGQyM0E1NwAjJTNBMwQyM0EkNDAjJTNBMTAkMSUmQWU5MDMyM0FyOWZzJTNBYwVwZCZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMDthMC41MmU5LwElNCUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwM5YwM1ZGI5NzEjNvZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTAzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0kJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwpkMTE2MwUmNDM2JaVcZD1TZWgcozRiU1BfYXyypwYmOWImNWRvY2U0NmMzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaRbZXRcoWVmqHJcYaVhZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9nWyk
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:3c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:32 GMT
content-encoding
gzip
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
8FyhAVd8MJU2oc6o7HbHoeWewQHGt6LWnlsPapzHtqPUsv2p43E0ug==
p-1ZHFxK2kGG5Cz.gif
pixel.quantserve.com/pixel/ Frame A265 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-1ZHFxK2kGG5Cz.gif?labels=publisher.22235.space.105129,adsize.400x225
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
getuid
sync.smartadserver.com/ Frame A265
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sekindo&gdpr=0&gdpr_consent=
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=sekindo&bidswitch_custom_parameter=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=3c33dfd7e7833733278b7135b485babe&expires=30&ssp=sekindo&bsw_param=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
  • https://live.primis.tech/live/liveCS.php?source=external&advId=92&advUuid=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1267919208&pcid=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
  • https://ads.yieldmo.com/pbsync?redirectUri=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1868283820%26mi%3D10%26csh%3D1486637409%3B1028935272%3B1881119...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1868283820&mi=10&csh=1486637409;1028935272;1881119486;1267919208&rnd=945981094&pcid=g6e10c61c5d3cd7fa7ab
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1881119486%26mi%3D10%26csh%3D1486637409%3B1028935272%3B18811194...
  • https://sync.smartadserver.com/getuid?url=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1881119486&mi=10&csh=1486637409;1028935272;1881119486;1267919208;1868283820&rnd=-...
0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1881119486&mi=10&csh=1486637409;1028935272;1881119486;1267919208;1868283820&rnd=-1329606455&pcid=[sas_uid]&cklb=1
Protocol
HTTP/1.1
Server
199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:33 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1881119486&mi=10&csh=1486637409;1028935272;1881119486;1267919208;1868283820&rnd=-1329606455&pcid=[sas_uid]&cklb=1
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame A265
Redirect Chain
  • https://csync.loopme.me/?pubid=11280&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D93%26advUuid%3D%7Bviewer_token%7D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=93&advUuid=31c230f3-bd61-4ba6-afa9-5f9d1e056e92&gdpr_consent=null&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=417208643&pcid=31c230f3-bd61-4ba6-afa9-5f9d1e056e92
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D417208643%26rnd%3D1...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=584182936&rnd=2043648548&pcid=265CC617-1E50-470A-96B5-657054BAA8F9
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D584182936%3B1402230080%26rnd%3D-783937336&pcid=$UID
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=584182936;1402230080&rnd=-783937336&pcid=57988376775515890
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D584182936%3B1402230080%3B1709765917%26rnd%...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=584182936;1402230080;1709765917&rnd=1997172699&pcid=2942926129357839341305
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D584182936%3B14...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
Protocol
H2
Server
2600:9000:24fd:5a00:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:34 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
CMH68-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
43
x-amz-cf-id
PGS39YeEvuHvRX-I9UhrfY4jHu1mPXivKO6Lp4OP2Yp4RprQsaLoOQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
I7swaQbfv9IIpHut10IeuTlckkxJ-Sv063eucDzpGe2ojdHSaNRpNQ==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame A265
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D121%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=121&advUuid=2942926129357839341305
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=259151345&pcid=2942926129357839341305
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D259151345%26rnd%3D-...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=1881119486&rnd=1027927471&pcid=265CC617-1E50-470A-96B5-657054BAA8F9
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1881119486%3B1402230080%26rnd%3D954020271&pcid=$UID
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1881119486;1402230080&rnd=954020271&pcid=57988376775515890
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D1881119486%3B1402230080%3B1709765917%26rnd...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=1881119486;1402230080;1709765917&rnd=424257993&pcid=2942926129357839341305
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D1881119486%3B1...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
Protocol
H2
Server
2600:9000:24fd:5a00:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:34 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
CMH68-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
43
x-amz-cf-id
mLLHhYUp2mqiNsvMhZLBt15JutAUtK-V-PrN9yB_OucfDtW-2NizpQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
KmpL0c0B0S-CS1zjBL8swhpA6aemLTjiJrDZaGOeuVkxPX28J1ZcNQ==
tap.php
pixel.rubiconproject.com/ Frame A265
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1486637409%26mi%3D10%26csh%3D14866...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1486637409&mi=10&csh=1486637409;1725065545&rnd=-528095315&pcid=3503e2a6-5ce4-031f-3112-421b4809d821
  • https://ce.lijit.com/merge?pid=8101&3pid=yyTLPvnkxx&location=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D396218182%26mi%3D10%26csh%3D1486637409%3B172...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=396218182&mi=10&csh=1486637409;1725065545;1486637409&rnd=1397525637&pcid=F0hhdPZHdKReb32SS-6T_Si-
  • https://sync.mathtag.com/sync/img?mt_exid=10019&redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1678944572%26mi%3D10%26csh%3D1486637409%3B172506554...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1678944572&mi=10&csh=1486637409;1725065545;1486637409;396218182&rnd=-1159153639&pcid=25b0639b-35d8-4a00-967b-6b3a039ff7a4
  • https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=yyTLPvnkxx&expires=1825&rnd=-34220488
42 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=yyTLPvnkxx&expires=1825&rnd=-34220488
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:34 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
CMH68-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://pixel.rubiconproject.com/tap.php?v=12218&nid=2528&put=yyTLPvnkxx&expires=1825&rnd=-34220488
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
content-length
43
x-amz-cf-id
sIecOIBpE0PcsN3NEQH4zC5SlGViGi6nWRrE5WlQ_Cz997iBECwHIQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame A265
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58627/occ?gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=128&advUuid=y-sCm.LQ9E2uEDMpyfCjOCILBbgv9C7lWZVxk81Pg-~A&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1028935272&pcid=y-sCm.LQ9E2uEDMpyfCjOCILBbgv9C7lWZVxk81Pg-~A
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1028935272%26rnd%3D...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=793790479&rnd=-2027275527&pcid=265CC617-1E50-470A-96B5-657054BAA8F9
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D793790479%3B1402230080%26rnd%3D1790084283&pcid=...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=793790479;1402230080&rnd=1790084283&pcid=57988376775515890
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D793790479%3B1402230080%3B1709765917%26rnd...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=793790479;1402230080;1709765917&rnd=-71075010&pcid=2942926129357839341305
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync1.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D793790479%3B1...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
Protocol
H2
Server
2600:9000:24fd:5a00:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:34 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
CMH68-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
43
x-amz-cf-id
N6-8PR9kg4Du-93s-mIqWSO6hF0AH5uWcwQL0imPErRkAxG56B3Ozg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
7md6RuGE7WwsbFhF3e5RJXmIIZe8uaKNFnIQ8ARekzqUAm13G6gI1g==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame A265
Redirect Chain
  • https://mb9eo.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://mb9eo.publishers.tremorhub.com/pubsync/verify?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D126%26advUuid%3D%5Btvid%5D
  • https://live.primis.tech/live/liveCS.php?source=external&advId=126&advUuid=1f5c9e9dbadc410db7d921ff458aac78
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=584182936&pcid=1f5c9e9dbadc410db7d921ff458aac78
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D584182936%26rnd%3D2...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=584182936&rnd=2043648548&pcid=265CC617-1E50-470A-96B5-657054BAA8F9
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D584182936%3B1402230080%26rnd%3D2140967129&pcid=$UID
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=584182936;1402230080&rnd=2140967129&pcid=57988376775515890
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D584182936%3B1402230080%3B1709765917%26rnd%...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=584182936;1402230080;1709765917&rnd=-458996183&pcid=2942926129357839341305
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D584182936%3B14...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
Protocol
H2
Server
2600:9000:24fd:5a00:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:34 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
CMH68-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
43
x-amz-cf-id
JrJ1YEWuW0rHZGanTQit77aLhUF45Qw-ZAZ8jSc2_8KEJ-n_Exasfg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
mmXs8sYbcv-Mj5aKPuKcmanv9xiQoG3cJS4ehhp1jfZS9HZk0Y_DJw==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame A265
Redirect Chain
  • https://cs.media.net/cksync?gdpr=0&gdpr_consent=&cs=34&type=pri&ovsid=639b35db96a06&redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D127%26advUuid%3D%3Cvsid%3E
  • https://live.primis.tech/live/liveCS.php?source=external&advId=127&advUuid=3141178480815869000V10
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1723987475&pcid=3141178480815869000V10
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1723987475%26rnd%3D...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=1723987475&rnd=-977682227&pcid=265CC617-1E50-470A-96B5-657054BAA8F9
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1723987475%3B1402230080%26rnd%3D1685205561&pcid=...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1723987475;1402230080&rnd=1685205561&pcid=57988376775515890
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D1723987475%3B1402230080%3B1709765917%26rnd...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=1723987475;1402230080;1709765917&rnd=-719743317&pcid=2942926129357839341305
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D1723987475%3B1...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
Protocol
H2
Server
2600:9000:24fd:5a00:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:34 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
CMH68-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
43
x-amz-cf-id
gIwsOd26fKrhq-iC6t3z2kYzfrHNTz6GH14jC6EckVLts53UBs8kNQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
gndATyB-MJQaIqgFjeIpfjwEMiCdvJ6NUTARczpoJqDIDujcUzBz_g==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame A265
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D130%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&advId=130&advUuid=F0hhdPZHdKReb32SS-6T_Si-
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=396218182&pcid=F0hhdPZHdKReb32SS-6T_Si-
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D396218182%26rnd%3D-...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=1881119486&rnd=1027927471&pcid=265CC617-1E50-470A-96B5-657054BAA8F9
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D1881119486%3B1402230080%26rnd%3D659564163&pcid=$UID
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=1881119486;1402230080&rnd=659564163&pcid=57988376775515890
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D1881119486%3B1402230080%3B1709765917%26rnd...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=1881119486;1402230080;1709765917&rnd=50781354&pcid=2942926129357839341305
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D1881119486%3B1...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
Protocol
H2
Server
2600:9000:24fd:5a00:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:34 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
CMH68-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
43
x-amz-cf-id
PO7cJT2hcwKfW2ima655Z3W_sZRZ1p1xSSwlsxHw41Ox7yNdYJsfRg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
9cGTZUVrL7tmQsjmf0-eN28t04GHcsO3bdf3-7EaTGsDzDXNy3tpDw==
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame A265
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3586&gdpr=0&gdpr_consent=
  • https://live.primis.tech/live/liveCS.php?source=external&advId=134&advUuid=76d8f143af3ded831539de168e22cc3&gdpr_consent=&gdpr=0
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=484859127&pcid=76d8f143af3ded831539de168e22cc3
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D484859127%26rnd%3D-...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1402230080&mi=10&csh=484859127&rnd=-1483410478&pcid=265CC617-1E50-470A-96B5-657054BAA8F9
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1709765917%26mi%3D10%26csh%3D484859127%3B1402230080%26rnd%3D554602005&pcid=$UID
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=1709765917&mi=10&csh=484859127;1402230080&rnd=554602005&pcid=57988376775515890
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D259151345%26mi%3D10%26csh%3D484859127%3B1402230080%3B1709765917%26rnd%...
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=259151345&mi=10&csh=484859127;1402230080;1709765917&rnd=-1312692516&pcid=2942926129357839341305
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&r=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1725065545%26mi%3D10%26csh%3D484859127%3B14...
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LBP7GRR0-23-4BUC
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
Protocol
H2
Server
2600:9000:24fd:5a00:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:34 GMT
via
1.1 7c6d67660968d7bc9fe1773f0d83dce2.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
CMH68-P2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
content-length
43
x-amz-cf-id
_UkPfp13S1ZjQCeQHIoW1mF5WafIn5QmRYalcLuBbIkDGkJRgIpFeA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1725065545&pcid=LBP7GRR0-23-4BUC
content-type
text/html; charset=utf-8
cache-control
no-store
x-amz-cf-id
WRSvfIarMCg4WqQUucuqyS12qYilwURgH1lu11Rs6ZQYOP75Qwu5cw==
3613a31b6329d1c17d5663d05b080db1.gif
cs.admanmedia.com/ Frame A265 		0
0
vid5df325a91bc88997235723.jpg
video.primis.tech/uploads/cn11/video/users/converted/22235/video_5df2c67d5a683172725343/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn11/video/users/converted/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.jpg?cbuster=1666108075
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:6a00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c79ce95c69a5cd8c22dd3de01ba27d485dd0328a41d6dcfe86a9dcd2781477a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:33 GMT
via
1.1 4a131d14342c4d4b1feadf6574ec0876.cloudfront.net (CloudFront), 1.1 272c2d99c78297585ae7d3f10956c25a.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW56-P2, CMH68-P2
age
539
x-cache
Hit from cloudfront
content-length
17641
last-modified
Wed, 18 Aug 2021 17:24:27 GMT
server
nginx
etag
"f8dda135f32e0d2aa270ea6bddc108ad"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
3EnzxA4MnRXVAB_AOs3s04dqIYFy3-fojfoBh3Yaq1ty4oBmvuBZIQ==
expires
Fri, 16 Dec 2022 14:48:34 GMT
liveView.php
live.primis.tech/live/ Frame A265 		98 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTEyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNWRzMmI1YTxkYzM4ODx5NmImNTplMl5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRWn1cdTXyOV0U1TVqKnx9EZmVPVGN5TXcVM01dTXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzN4TURVMU1dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx56RXyOVEU0TWcBS2ZRLaM4o0qMpENKQ0RznVqyVzVSOFQlUVRmQV94qWImRxJfoXZlQVJMQyc2VUxzqzyxX2NioaRyoaRsnWQ9NwAlMmQjJaZcZF9wo250ZW50X2Ryp2M9SG93K3RiK1ByZWjeUG90YXRiZXMzqzyxX2NioaRyoaRsqGy0oGU9SG93K3RiK1ByZWjeUG90YXRiZXMzqzyxX2NioaRyoaRsZHVlYXRco249NTAzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kMTx3NSZ4PTplMCZ5PTQjNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyqGygZXN0pzyvqW5yLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMTMlMxQmMTM1NUYmMTM2N0Q3QwpmMmEmNTMjMmtmOTM0MmYmMmqEN0I0MmMmMmA3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1ODUlNmA2MwU3NTY3QTY0NDt0QTpjNTx2RTU2NmU1QTUmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmImNTqEN0I2NwMkN0Q3QwRDMmpmODM5Mmt3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPTQjLwpkNTpzZ2ViTG9hZm0gNmQzqXNypxyjQWRxpw0lYTBxJTNBNTYjMCUmQTI0JTNBMTQjMCUmQTEjMTEyM0FyOTAmJTNBZTyzZvUmQWI1Y2QzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjOC4jLwUmNTxhMTI0K1NuZzFlnSUlRwUmNl4mNvZmY2uunW49MS4jJTJDMSUlMWFgZXJcY2FhnG9gZXRiq25gZWRcYS5wo20yMxMjMDAlMSUlQmEzpGkurWVlQXBcSWQ9JzF2YWyfQ2FgpGFcZ25mPSZwp3V1nWQ9NwM5YwM1ZGI5NzEjNvZwYaVmqGVlPTE2NmEkMTYlNTM0ODx=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D31355F31367D7B7331353038393436337D7B4333307D7B53643364334C6E526F5A5852706257567A64484A70596E56755A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a0d%3A5600%3A24%3A1400%3A1011%3Ae903%3Ae9ff%3Ab5cd&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=639b35db96a06&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=40.7157&geoLong=-74&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:3c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c4e289dff1fe4ec2325af000d36b982b7921754a56ab0ea4b4e5ac5a26fc0696

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:32 GMT
content-encoding
gzip
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.thetimestribune.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
9955
x-amz-cf-id
VVXq4YKDFwb93kypXD6VPDm7lVhNm3-mCn79k4Ox_ChXVy4QbR9tJw==
liveView.php
live.primis.tech/live/ Frame A265 		28 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMTEyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMwIlMmUyMxZ2nWRyo181ZGYlYmY3ZDVuNwtmMTplNmI1MmQmJTJGqzyxNWRzMmI1YTxkYzM4ODx5NmImNTplMl5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcFrEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu5TWcJrx5TOTJuV1JfYwE4MVcHWXyZryxmWxRWnE5dZ3cNVGN5TacJMU16UXcMM1cjWxRWn1cdTXyOV0U1TVqKnx9EZmVPVGN5TXcVM01dTXVvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzN4TURVMU1dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx56RXyOVEU0TWcBS2ZRLaM4o0qMpENKQ0RznVqyVzVSOFQlUVRmQV94qWImRxJfoXZlQVJMQyc2VUxzqzyxX2NioaRyoaRsnWQ9NwAlMmQjJaZcZF9wo250ZW50X2Ryp2M9SG93K3RiK1ByZWjeUG90YXRiZXMzqzyxX2NioaRyoaRsqGy0oGU9SG93K3RiK1ByZWjeUG90YXRiZXMzqzyxX2NioaRyoaRsZHVlYXRco249NTAzZGVvqWqJozZipz1uqGyiow0zpGkurWkcp3RJZD0kMTx3NSZ4PTplMCZ5PTQjNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyqGygZXN0pzyvqW5yLzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMTMlMxQmMTM1NUYmMTM2N0Q3QwpmMmEmNTMjMmtmOTM0MmYmMmqEN0I0MmMmMmA3RDqCNTM2NDMmNwQmMmRDNxU1MwZGNUE1ODUlNmA2MwU3NTY3QTY0NDt0QTpjNTx2RTU2NmU1QTUmMmU2QTYlMmImMDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM0MmAmMDqEN0I1OTMlMmImNTqEN0I2NwMkN0Q3QwRDMmpmODM5Mmt3REZFRxUznXNBpHA9MCZmZGg2PSZaZW9MYXRcPTQjLwpkNTpzZ2ViTG9hZm0gNmQzqXNypxyjQWRxpw0lYTBxJTNBNTYjMCUmQTI0JTNBMTQjMCUmQTEjMTEyM0FyOTAmJTNBZTyzZvUmQWI1Y2QzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwEjOC4jLwUmNTxhMTI0K1NuZzFlnSUlRwUmNl4mNvZmY2uunW49MS4jJTJDMSUlMWFgZXJcY2FhnG9gZXRiq25gZWRcYS5wo20yMxMjMDAlMSUlQmEzpGkurWVlQXBcSWQ9JzF2YWyfQ2FgpGFcZ25mPSZwp3V1nWQ9NwM5YwM1ZGI5NzEjNvZwYaVmqGVlPTE2NmEkMTYlNTM0ODx=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D31322D31355F31367D7B7331353038393436337D7B4333307D7B53643364334C6E526F5A5852706257567A64484A70596E56755A53356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B4C373839387DFEFE&userIpAddr=2a0d%3A5600%3A24%3A1400%3A1011%3Ae903%3Ae9ff%3Ab5cd&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&debugInformation=&isWePassGdpr=1&schain=1.0%2C1%21americanhometownmedia.com%2C00021%2C1&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&csuuid=639b35db96a06&debugInfo=15089463_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=15089463&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2ec7uiqgvwtyt&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fwww.thetimestribune.com%2F&contentNum=1&flow_closeBtn=0&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=bl&flow_horizontalOffset=10&flow_bottomOffset=100&impGap=1&flow_width=310&flow_height=260&videoType=normal&gdpr=0&gdprConsent=&contentFeedId=&geoLati=40.7157&geoLong=-74&vpTemplate=7898&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BSUBID_ENCODED%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:3c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
937ef23013bea5f66b0b225b0f07ebeabd61ea8e3c916cc83a182e4f1897558a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
content-encoding
gzip
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://www.thetimestribune.com
content-type
application/json; charset=utf-8
cache-control
no-store
access-control-allow-credentials
true
content-length
4640
x-amz-cf-id
HZDZdPU8I7rnY_LiPZiYvYUkB_hEVxsarxwL0P1XITj-kI5cPYz4ag==
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.thetimestribune.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 07:01:58 GMT
x-content-type-options
nosniff
age
114935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 07:01:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame B2E4
Redirect Chain
  • https://live.primis.tech/live/liveCS.php?source=external&advId=140&advUuid=1743175450290086261&gdpr=0&gdpr_consent=
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=1881119486&pcid=1743175450290086261
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&pu=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26dpi%3D1402230080%26mi%3D10%26csh%3D1881119486%26rnd%3D...
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3cc5cf72-b829-4d03-9408-52e30bfd5679&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3cc5cf72-b829-4d03-9408-52e30bfd5679&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 14:57:33 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:3cc5cf72-b829-4d03-9408-52e30bfd5679&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 15 Dec 2022 14:57:34 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
/
rtb-csync.smartadserver.com/redir/ Frame B2E4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y5s12AAEM5AzzAAF&gdpr=0&gdpr_consent=
43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y5s12AAEM5AzzAAF&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.185 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-ewr18123-EWR
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671116254.570297,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=Y5s12AAEM5AzzAAF&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
smartadserver
cs.admanmedia.com/sync/ Frame B2E4 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame B2E4
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=39610da3
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=39610da3
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.185 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:32 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Thu, 15 Dec 2022 14:57:33 GMT
via
1.1 272c2d99c78297585ae7d3f10956c25a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CMH68-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=39610da3
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
MXv2jr86KA-2PIjYoTnU2dCY3ORDdJQfB3xk871ll07pz1dqx2UwUw==
/
rtb-csync.smartadserver.com/redir/ Frame B2E4
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=57988376775515890&gdpr=0&gdpr_consent=
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=57988376775515890&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=21&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.185 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:33 GMT
AN-X-Request-Uuid
1a1fa220-41ea-4224-b04f-0425eeb1434c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=57988376775515890&gdpr=0&gdpr_consent=
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame A265 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221215
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e993b065ce2b946688eef1341f0b28db3b9b93d6f1bd609a37166abb077ade30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39395
x-jsd-version
1.0.1556
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4559-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"66e-7f8qDY2VEq3Tg9Q/RU9Vxgw1xIU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfIEK3ZH7%2B%2B%2BShne4itQ2uw%2BzzbaN0PIOfqbZNzVHRwKU2a5Z2Fhfee6MiPDfspYJVsbSK92rsqlHOLNmzHpskUq1XAT3jjC1KP13RaD%2FYMEeaiBPwFq7bkW6C04%2BBq5mx0TfB8VRY50EbYY30Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
77a0084a0a198c2f-EWR
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame A265 		67 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1671116253762&pKey=908166931&_fw_us_privacy=1---&schain=1.0%2C1!americanhometownmedia.com%2C00021%2C1%2C%2C%2C!primis.tech%2C22235%2C1%2C%2C%2C&loc=https%3A%2F%2Fwww.thetimestribune.com%2F&playerSize=720x405
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:34 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1671116253762012-127
translator
hbopenbid.pubmatic.com/ Frame A265 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thetimestribune.com
date
Thu, 15 Dec 2022 14:57:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame A265 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimestribune.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.thetimestribune.com
date
Thu, 15 Dec 2022 14:57:33 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
SPug
simage4.pubmatic.com/AdServer/ Frame 0088 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.thetimestribune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.thetimestribune.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 15 Dec 2022 14:57:33 GMT
server
ATS/9.1.10.25
liveView.php
live.primis.tech/live/ 		0
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQ5JaNypaZypyRcoWU9MTY3MTEkNwI1MSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MTI5JaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql50nGV0nW1yp3RlnWJ1ozUhY29gJaN1YxyxPXq3ql50nGV0nW1yp3RlnWJ1ozUhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lYTBxJTNBNTYjMCUmQTI0JTNBMTQjMCUmQTEjMTEyM0FyOTAmJTNBZTyzZvUmQWI1Y2QzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTA4LwAhNTM1OS4kMwQyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYmOWImNWRvOTZuMDYzqxygpE9jpG9lqHVhnXR5TXVfqGyjoGyypw01JzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MCZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTEzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NmEkMTYlNTQjNmxzqWyxPVNyn2yhZG9TUGkurWVlNwM5YwM1ZGJwZTQ3MlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ3q3phqGuyqGygZXN0pzyvqW5yLzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1cnXE=
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:3c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
content-encoding
gzip
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
ltUZN4Q_Fx535x14gx4r_eWhFx5ADZoD7BVG7uB7Jl6wLAiOPgKGJA==
rt=ifr
bcp.crwdcntrl.net/5/c=6893/rand=758503045/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20thetimestribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22met... Frame E0CC 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=6893/rand=758503045/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20thetimestribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times-tribune.com%22%2C%22ref_url%22%3A%22thetimestribune.com.admin-us2.cas.ms%22%7D/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/6893/cc.js?ns=_cc6893
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.101.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-101-237.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
8cb7cf2195fe888dced2a3242b6c7051e59255af63595a34e76ae42d291fd763

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
content-length
1263
content-type
text/html;charset=utf-8
date
Thu, 15 Dec 2022 14:57:34 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.36.107
1.js
thetimestribune.com/content/tncms/ads/_popup/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://thetimestribune.com/content/tncms/ads/_popup/1.js
Requested by
Host: www.thetimestribune.com
URL: https://www.thetimestribune.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
tcx-ping.php
japfg-trending-content.appspot.com/ 		207 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://japfg-trending-content.appspot.com/tcx-ping.php?s=10223&t=thetimestribune.com%20%7C%20Your%20Life.%20Your%20Paper.&h=www.thetimestribune.com&p=%2F&w=2&a=ldgr1--ldgr4&_debug=1
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::99 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
a8faa48443f29a615bc1e2d01bdfad40c6899aaaab29a7d6f96e31fd962f8836

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:34 GMT
content-encoding
gzip
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3adb2bccb2c243ede4816384e39e5ac7c27273fa573ba04a59efa171d96f6640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11164
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 1437 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.thetimestribune.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 14:57:33 GMT
server
Kestrel
server-processing-duration-in-ticks
355017
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1089137470&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&dr=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&ul=en-us&de=UTF-8&dt=thetimestribune.com%20%7C%20Your%20Life.%20Your%20Paper.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&_u=aHHAAUABAAQCAGAAIAB~&jid=68028772&gjid=1579840526&cid=333536868.1671116245&tid=UA-3850501-49&_gid=1283124798.1671116245&_r=1&gtm=2wgbu0K4GJW6&cd1=333536868.1671116245&cd4=false&cd5=false&z=756570216
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr=0
sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=d0d0d905-2a5c-0daa-133d-27c337e79410/ Frame E0CC
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=a2b86b70-2a77-4714-ab97-7807f14fcc73&r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D194%2Ftp%3DOPNX%2Ftpid%3D%7BOPENX_ID%7D%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=d0d0d905-2a5c-0daa-133d-27c337e79410/gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=d0d0d905-2a5c-0daa-133d-27c337e79410/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6893/rand=758503045/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20thetimestribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times-tribune.com%22%2C%22ref_url%22%3A%22thetimestribune.com.admin-us2.cas.ms%22%7D/rt=ifr
Protocol
H2
Server
52.207.194.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-194-90.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.6.121
content-length
49
expires
0

Redirect headers

date
Thu, 15 Dec 2022 14:57:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.crwdcntrl.net/map/c=194/tp=OPNX/tpid=d0d0d905-2a5c-0daa-133d-27c337e79410/gdpr=0
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
382416.gif
idsync.rlcdn.com/ Frame E0CC 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=6fc5a047b67526847e00bb9c357909b5&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6893/rand=758503045/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20thetimestribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times-tribune.com%22%2C%22ref_url%22%3A%22thetimestribune.com.admin-us2.cas.ms%22%7D/rt=ifr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:34 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel
cm.g.doubleclick.net/ Frame E0CC 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NmZjNWEwNDdiNjc1MjY4NDdlMDBiYjljMzU3OTA5YjU&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6893/rand=758503045/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20thetimestribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times-tribune.com%22%2C%22ref_url%22%3A%22thetimestribune.com.admin-us2.cas.ms%22%7D/rt=ifr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.json
aa.agkn.com/adscores/ Frame E0CC 		124 B
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6893/rand=758503045/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20thetimestribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times-tribune.com%22%2C%22ref_url%22%3A%22thetimestribune.com.admin-us2.cas.ms%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.184.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-51.cmh68.r.cloudfront.net
Software
AAWebServer /
Resource Hash
26f57c0ae5e0d4facc35c59e72ff3455b016a42645e13c1eea628243ef9ad40d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:34 GMT
via
1.1 dfadeb49b0e79d8ca3251c51b8dc6acc.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
CMH68-P2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
124
x-amz-cf-id
5ayzcwGgCM3XDMv3rfPRSHxwThjpYXXbPTIJPLb8NUheQAN9qpm1hg==
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 14:57:34 GMT
sid
mug.criteo.com/ Frame 1437
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=thetimestribune.com&sn=ChromeSyncframe&so=0&topUrl=www.thetimestribune.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=vo5QxHxrQnN1SkhyWC9wWWJuYVFnWFZMWCt5T25COEJzMldTZk1MdDNodnNNRFI0bDZOYVd1RHpsUC9FNkhKS0xaWDdpLzlsL29JUjlxOVlEMkttWWxZNWNpS1N2bDNFdy81RDJDdHFkUFZKbUtpU1dJc2I5ZjYxRVRzV1...
457 B
691 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=vo5QxHxrQnN1SkhyWC9wWWJuYVFnWFZMWCt5T25COEJzMldTZk1MdDNodnNNRFI0bDZOYVd1RHpsUC9FNkhKS0xaWDdpLzlsL29JUjlxOVlEMkttWWxZNWNpS1N2bDNFdy81RDJDdHFkUFZKbUtpU1dJc2I5ZjYxRVRzV1BEUXFubk5yTWR6cWVwYnBuZmNQK1RXRW5xaGxPVWVwdXR3UEVHUitjTklCeHZ3eW9sczBzTndCTUt0QnB2djM0ZlN4b0ZRL2ZtcE9BM0lqQitpNjgxYjE3RFpmd3FiOHZIcEV2eWZMYkVpQnJwNjU0K0N2bm9zcHdnYk4rNXg2NzJLWlJDVVZ4TVh6aU8vVzVhSUlyem12L25ENkc0aU9mZy9RbkRtRitzbjJZK2hJcGNjaz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a27f8b4e9b63cede49f00dc44fe2bb7f8952278d6db4fa9bc47f722377c2753e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2680641
expires
0

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=vo5QxHxrQnN1SkhyWC9wWWJuYVFnWFZMWCt5T25COEJzMldTZk1MdDNodnNNRFI0bDZOYVd1RHpsUC9FNkhKS0xaWDdpLzlsL29JUjlxOVlEMkttWWxZNWNpS1N2bDNFdy81RDJDdHFkUFZKbUtpU1dJc2I5ZjYxRVRzV1BEUXFubk5yTWR6cWVwYnBuZmNQK1RXRW5xaGxPVWVwdXR3UEVHUitjTklCeHZ3eW9sczBzTndCTUt0QnB2djM0ZlN4b0ZRL2ZtcE9BM0lqQitpNjgxYjE3RFpmd3FiOHZIcEV2eWZMYkVpQnJwNjU0K0N2bm9zcHdnYk4rNXg2NzJLWlJDVVZ4TVh6aU8vVzVhSUlyem12L25ENkc0aU9mZy9RbkRtRitzbjJZK2hJcGNjaz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
420170
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9708 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
63847
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Dec 2022 21:13:27 GMT
expires
Thu, 14 Dec 2023 21:13:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8DAD 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8ed183c5e083f96bd47253d3d276b16dbafcecd2184af354be608a2e9854280e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rhqv5_4K4m8uC2fyvhCvQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-rhqv5_4K4m8uC2fyvhCvQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 14:57:34 GMT
expires
Thu, 15 Dec 2022 14:57:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gdpr=0
sync.crwdcntrl.net/map/c=368/tp=TARG/tpid=213510604366009389182/ Frame E0CC 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=368/tp=TARG/tpid=213510604366009389182/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6893/rand=758503045/pv=y/int=%23OpR%2364466%23CNHI%20%3A%20Total%20Site%20Traffic/int=%23OpR%2364485%23CNHI%20%3A%20thetimestribune%20%3A%20Total%20Site%20Traffic/rb=%7B%22meta_tag%22%3A%22the%20times-tribune.com%22%2C%22ref_url%22%3A%22thetimestribune.com.admin-us2.cas.ms%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.194.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-194-90.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:34 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.45.246
content-length
49
expires
0
collect
www.google-analytics.com/ Frame 2F07 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=900585294&t=event&ni=0&_s=3&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=620x365&je=0&ec=video&ea=ad%3Atime-3sec&el=1014284-1_Branded%20Content%20%7C%20Concert%20%7C%20Branded%20Content%20%7C%20CPV%20Athena_Netflix%3A%C2%A0Bardo_Branded%20Media%20Asset_Immersion_dsk_350179673%20%7C%2090b493bf-ede3-4e64-89e9-78ce1b3c49d9&_u=SAEAAEABCAAAACgAI~&jid=&gjid=&cid=333536868.1671116245&tid=UA-96398693-1&_gid=1283124798.1671116245&cd3=Athena%20Immersion%20(Standard)&cd18=Netflix&cd19=1026616_Netflix%20-%20Bardo&cd11=&cd21=6148324234&cd22=138417154843&cd23=2a1f8e46-245e-4a36-be2e-21cb1041a01f&cd24=&cd1=598968&cd2=30&z=1350707071
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 21:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63779
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8DAD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=1400852277535726&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
pagead2.googlesyndication.com/bg/ Frame 9708 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 04:38:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16132
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 04:38:58 GMT
generate_204
tpc.googlesyndication.com/ Frame 9708 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-2_NXQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
www.google-analytics.com/ Frame 5E80 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1506855948&t=event&ni=0&_s=3&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=620x365&je=0&ec=video&ea=ad%3Atime-3sec&el=1014284-1_Branded%20Content%20%7C%20Concert%20%7C%20Branded%20Content%20%7C%20CPV%20Athena_Netflix%3A%C2%A0Bardo_Branded%20Media%20Asset_Immersion_dsk_350179673%20%7C%2090b493bf-ede3-4e64-89e9-78ce1b3c49d9&_u=SAEAAEABCAAAACgAI~&jid=&gjid=&cid=333536868.1671116245&tid=UA-96398693-1&_gid=1283124798.1671116245&cd3=Athena%20Immersion%20(Standard)&cd18=Netflix&cd19=1026616_Netflix%20-%20Bardo&cd11=&cd21=6148324234&cd22=138417154843&cd23=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&cd24=&cd1=598968&cd2=30&z=421834565
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 21:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63779
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
prebid
id5-sync.com/api/config/ Frame A265 		135 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thetimestribune.com
date
Thu, 15 Dec 2022 14:57:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame A265 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=34
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:35 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
id
id.crwdcntrl.net/ Frame A265 		77 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.194.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-194-90.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c396e888895ca520e3f55745579ccff4f78073ae20e192ba53c68c6664b6a338

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:35 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache
x-server
10.40.40.213
access-control-allow-credentials
true
content-length
77
expires
0
rid
match.adsrvr.org/track/ Frame A265 		108 B
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
199ec7c131ddb67da5961993ac596c67d5c469a103afc39a18ad3aed49c6d11e

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:35 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 14 Jan 2023 14:57:35 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 69E6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.81.240.200 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-81-240-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=59341
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 14:57:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 16 Dec 2022 07:26:36 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
unused62
8096267
vary
Accept-Encoding
user-registering
ads.stickyadstv.com/ Frame A265
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=76d8f143af3ded831539de168e22cc3&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=eb83c_7177389663039230538&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzZkOGYxNDNhZjNkZWQ4MzE1MzlkZTE2OGUyMmNjMw==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBtnd237ch4ESTbDzRj_wok&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=e063f1e7-594f-448d-9ec8-39652287366a&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NzZkOGYxNDNhZjNkZWQ4MzE1MzlkZTE2OGUyMmNjMw==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBtnd237ch4ESTbDzRj_wok&google_cver=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/76d8f143af3ded831539de168e22cc3?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-AQ5czd9E2oPisvZ1REJOH6mMBmOLF23ZcQDqqRZZ~A
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAAtHk7HNmwAACIa0xycww&gdpr=0
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=57988376775515890&gdpr=0&gdpr_consent=&gdpr=0
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=5409130810637765558
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=dRsvu7oN1P5PFT5
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Y5s12AAEM5AzzAAF
0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 69E6 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=50571524&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2b468c0684a4770f54be1f5655f7dde84914f98659c0943740e621e8528667ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 14:57:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=1400852277535726&bg=!fH-lfzvNAAYgquz3AKo7ACkAdvg8WiINBN-RQfn2Xu5cPQZgAp_5_gifm7gHKsdV5jFV58oV2t70qQIAAACiUgAAAANoAQcKACY3xdfJiZdWagtfE7-YkGTvoghx9UfZ83-Ctc4NXJnk44AM0OKAdJkC4cE2ksR3cm0QBlqTQWsMpMzJTocn6k9SJgE28l3JuaZi8wNDrPrWAitUhkZjotvYLW5typH4z1IoR-mBoChk1i8XBrE9THALqAPIOhotfpOfuSwwHZma0g-ngC1Z_bs7tg6WeGPacVARryNm_ddl_7yTqHzJ5oJQ1k6vQqx2CRKSBAoyitz9GxqNjaX2nDcJdzv8z6ebudm0_DEdUc7G1M9Rdwu4m2lkBmgebI7JWjtrY74N7NZddrRFKQ655aUApEjq9eVMHo6E_MUXLwuEIGRfFatkiLDBZWyRKlolixIIXtoXrVyaertRcnhZygvSMp7b1_s3ePbZXO0CmR4wUeKnTy8Zr7MFrgAfZKPOlnVl1bzN0kPtvwBp62oanvoUVzRdadEtJpYS72gR47IO1q_gmYHHfAgVKNfomRJ-Dvvj66V0JZJOe5Fryl2XQ__dd-H0gK8BueQNAsVIoZC6rSvhoYY1epOtj0uA44sYAUxqbyKarT3iTXGDNo6CHuMGQq_t4lv1HJboFYikJho6Qqqj-wlTSYYGUgcPVC6fq7HobGDXMHfea5FUbAuLwhsUkoTv06--5dkQ0YXm5wNbDfotVnRwzBOQpJi59kFlMN4Sd_ce7brKUqjdTvnG2cIOmKfzk3QwgyRggFEAlN2FceB7QdaBw76QG_iFfCb_vP_yi4U-CSp4rzkAEV5KEQGY7GIiAYxBeFTxlWFtImthep9KaG5ffA34y3RIfwLVM-v7O_riklxUkNhL1rJXusirdXraxXKE8-pX144ieDEq2miJwYAklPvTpF-t6_irRUy5gohHasu1XwSK9eyOX4oXx6yNdvfBqdnYWbEBO2jSvvfFxAPAqxB738j5y8yGIPSHzlJCva3H3aL1w9HD-BpxA8sps226lc0yPLl3UQkAWvskv6DJuqltmA3Upj19fZc7sirkOIhbU-L9O5Eue3Le2Iyi6Rc6bZS0UdFE3NuJ6rAN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
match
c1.adform.net/serving/cookie/ Frame E362 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 15 Dec 2022 14:57:35 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame B57C
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=cf3aa7c8-7c88-11ed-94d0-f3ed58af13a7
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=cf3aa7c8-7c88-11ed-94d0-f3ed58af13a7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 14:57:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Thu, 15 Dec 2022 14:57:35 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=cf3aa7c8-7c88-11ed-94d0-f3ed58af13a7
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-5
Pug
simage2.pubmatic.com/AdServer/ Frame B928
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CbZNMz4RQrtN8cGbYeJHmQW16p4
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CbZNMz4RQrtN8cGbYeJHmQW16p4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 14:57:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 14:57:35 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=CbZNMz4RQrtN8cGbYeJHmQW16p4
i.match
a.tribalfusion.com/ Frame 4606 		43 B
664 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
77a0085329771a1b-EWR
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 14:57:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame A0DA
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720581416291
42 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720581416291
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 14:57:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=720581416291
Pug
simage2.pubmatic.com/AdServer/ Frame 9A99
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:dRsvu7oN1P5PFT5&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:dRsvu7oN1P5PFT5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 14:57:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 15 Dec 2022 14:57:34 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:dRsvu7oN1P5PFT5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-02c0d1b5dbe458723@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 02F2
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005&rndcb=8030866873
  • https://t.pswec.com/bsw_sync?ssp=adconductor&bsw_user_id=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=adconductor&bsw_user_id=4b6b3c04-894f-45f2-bf0e-86dd76fa7320
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=522395ca-9b5e-49f4-a60b-669fd316d3b6&expires=3&user_group=1&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/4b6b3c04-894f-45f2-bf0e-86dd76fa7320?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
42 B
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 14:57:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Thu, 15 Dec 2022 14:57:35 GMT
ETag
RXb12f8499679e438aa2ab7c7566dc1e35005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame 6BB0
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=WBfL1WEtM
42 B
207 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=WBfL1WEtM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 14:57:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 14:57:35 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=WBfL1WEtM
vary
Origin
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame CAD1
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 14:57:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 15 Dec 2022 14:57:35 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 3F21
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=67af2790-34b1-43a0-ae7e-7a74344429af&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=265CC617-1E50-470A-96B5-657054BAA8F9
42 B
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=265CC617-1E50-470A-96B5-657054BAA8F9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.211.1.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-211-1-254.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:35 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 15 Dec 2022 14:57:33 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=265CC617-1E50-470A-96B5-657054BAA8F9
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 9A0D
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7244026551091621944&uid=Q724402655109162...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7244026551091621944
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7244026551091621944
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 14:57:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=28251
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Thu, 15 Dec 2022 14:57:35 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7244026551091621944
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
image2.pubmatic.com/AdServer/ Frame 5DC3
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Rvrk3ly2BoyD3v9R3zWbYw
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Rvrk3ly2BoyD3v9R3zWbYw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 15 Dec 2022 14:57:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 14:57:35 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=Rvrk3ly2BoyD3v9R3zWbYw
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
pub
matching.truffle.bid/sync/ Frame 603B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.161.47.120 , Germany, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.120.47.161.5.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 15 Dec 2022 14:57:35 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cm
ipac.ctnsnet.com/int/ Frame C82E 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 15 Dec 2022 14:57:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame AA77 		43 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 15 Dec 2022 14:57:35 GMT
Vary
Accept-Encoding
X-adserver-worker
docker9-27ff58ef02fa@version_1.531
X-core-time
0ms
X-server-arch
v2
Pug
image2.pubmatic.com/AdServer/ Frame 2CD4
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=ef49c071-ee6f-4a0a-8886-7fe35fb74c81
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=ef49c071-ee6f-4a0a-8886-7fe35fb74c81
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 14:57:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 15 Dec 2022 14:57:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=ef49c071-ee6f-4a0a-8886-7fe35fb74c81
strict-transport-security
max-age=15724800; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 3EE8
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EE7C2CD6447D4FB782121DE57AC7E703&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EE7C2CD6447D4FB782121DE57AC7E703&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 15 Dec 2022 14:57:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Thu, 15 Dec 2022 14:57:35 GMT
expires
Wed, 14 Dec 2022 14:57:35 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:EE7C2CD6447D4FB782121DE57AC7E703&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Artemis
aud.pubmatic.com/AdServer/ Frame 69E6
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=265CC617-1E50-470A-96B5-657054BAA8F9&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=265CC617-1E50-470A-96B5-657054BAA8F9&addseg=10,33,39
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Server
8.28.7.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Thu, 15 Dec 2022 14:57:35 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=265CC617-1E50-470A-96B5-657054BAA8F9&addseg=10,33,39
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
mw
mwzeom.zeotap.com/ Frame 69E6
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=265CC617-1E50-470A-96B5-657054BAA8F9&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=4d14a7dc6527cd26/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=6fc5a047b67526847e00bb9c357909b5&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=4d14a7dc6527cd26
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a977485-48c0-4047-68a6-3f6497f14b2d&reqId=13f7a275-edd4-4291-62ec-edf533406f03&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEBxLDgUDjJBKjA4lgTRE3Pc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a977485-48c0-4047-68a6-3f6497f14b2d&reqId=13f7a275-edd4-4291-62ec-edf...
95 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEBxLDgUDjJBKjA4lgTRE3Pc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a977485-48c0-4047-68a6-3f6497f14b2d&reqId=13f7a275-edd4-4291-62ec-edf533406f03&zcluid=4d14a7dc6527cd26&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
77a008579d401998-EWR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEBxLDgUDjJBKjA4lgTRE3Pc&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9a977485-48c0-4047-68a6-3f6497f14b2d&reqId=13f7a275-edd4-4291-62ec-edf533406f03&zcluid=4d14a7dc6527cd26&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 69E6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=25b0639b-35d8-4a00-967b-6b3a039ff7a4
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=25b0639b-35d8-4a00-967b-6b3a039ff7a4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 15 Dec 2022 14:57:35 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x18 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=25b0639b-35d8-4a00-967b-6b3a039ff7a4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 14:57:34 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame A265 		33 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
f018e20958bbb2520aad8f06225ae5763587db3500a4c0379679beb785357c3a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.thetimestribune.com
date
Thu, 15 Dec 2022 14:57:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
pixel.gif
voxcustomdfp152282307853.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxcustomdfp152282307853.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5065&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetimestribune.com&L1id=24002944&L2id=3104622392&L3id=6148324234&L4id=138417154843&S1id=175131904&S2id=22034734345&ord=1671116250463&r=485610234500&t=page5&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.thetimestribune.com%252F&mobile=0&click=0&customInView=0&initW=620&initH=345&initSRE=0.11140625&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&bedc=1&q=5&BSD=safe&BSC=moat_unsure&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:35 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:35 GMT
212.json
id5-sync.com/g/v2/ Frame A265 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/212.json
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
7d53c8301f65fb67c61645e1fe8e0960a7cbcf47e746baac07c91341aa40d436
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thetimestribune.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
pixel.gif
voxcustomdfp152282307853.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxcustomdfp152282307853.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5042&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetimestribune.com&L1id=24002944&L2id=3104622392&L3id=6148324234&L4id=138417154843&S1id=175131904&S2id=22034734345&ord=1671116250170&r=613832435777&t=page5&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.thetimestribune.com%252F&mobile=0&click=0&customInView=0&initW=620&initH=345&initSRE=0.11140625&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&bedc=1&q=5&BSD=safe&BSC=moat_unsure&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:36 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:36 GMT
arj
justapinch-com-d.openx.net/w/1.0/ 		190 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://justapinch-com-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.thetimestribune.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d2f6720b-9729-48fb-b3e1-59921a9de59d%2Ca3630303-450d-411e-92fd-cbae6fef67ca&nocache=1671116256443&gdpr_consent=&gdpr=0&us_privacy=1---&schain=1.0%2C1!americanhometownmedia.com%2C00021%2C1%2C%2C%2C&aus=300x250%7C300x250&divids=ahm_widg_id_3%2Cahm_widg_id_7&aucs=%2C&auid=544092638%2C544092638
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5eb361e37d0302c7ad3690e0ee243dbbfdce1839dc389586c1e2a221a3190042

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.thetimestribune.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177
expires
Mon, 26 Jul 1997 05:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		30 B
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2259c9f332e33b66%22%3A%22121808278466059cd0bb%7C300x250%7Cgpid%3D%2F281191609%2C9869277%2Ftrx_cnhi%2Fthetimestribune.com%2Cc%3Dd%2C%22%2C%2265328abc6ca292%22%3A%22121808278466059cd0bb%7C300x250%7Cgpid%3D%2F281191609%2C9869277%2Ftrx_cnhi%2Fthetimestribune.com%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.thetimestribune.com%2F&s=6ca42802-42ae-4e32-8df8-56a4c9362db4&pv=d0aee404-e754-4ba1-aa36-81effaa6c0a5&vp=desktop&lib_name=prebid&lib_v=7.13.0-pre&us=5&fpd=%7B%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.thetimestribune.com%2F%22%2C%22domain%22%3A%22thetimestribune.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22thetimestribune.com%22%7D%2C%22keywords%22%3A%22thetimes-tribune.com%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%7D&ius=1&gdpr=false&schain=%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22americanhometownmedia.com%22%2C%22sid%22%3A%2200021%22%2C%22hp%22%3A1%7D%5D%7D&us_privacy=1---&coppa=0
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.14 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:36 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-175
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
30
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96944c0178781371c5137e6cb8000d&pos=8a969cb9017878136882137ec1c60012&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
de00e51d7658c9365355cbe6c6c2ac174c3e23453f60ca93e452d86951cbcff3

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:36 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96944c0178781371c5137e6cb8000d&pos=8a969cb9017878136882137ec1c60012&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
024eaf2f1b268a3b1de960da3dc41e46756ee00372477f3bbf1e06c53cbf2307

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 15 Dec 2022 14:57:36 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimestribune.com
access-control-allow-credentials
true
content-length
62
bid
ap.lijit.com/rtb/ 		23 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.13.0-pre
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.136 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
d1f99d61327c68d970edb4b7c0306afa20f034ed56f82496e154dae045c83fa1

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 15 Dec 2022 14:57:36 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.thetimestribune.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
prebid
ib.adnxs.com/ut/v3/ 		250 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ba30cd176de6d80ea9d0d8732ec4a4d0e09be5ca149e1b418feb9c7ee859978a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:36 GMT
AN-X-Request-Uuid
ea51fd37-a50a-465d-8594-30533c2427f0
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thetimestribune.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=594615&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2216e9b88761d6bea%22%2C%22site%22%3A%7B%22ref%22%3A%22http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.thetimestribune.com%2F%22%2C%22domain%22%3A%22thetimestribune.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22thetimestribune.com%22%7D%2C%22keywords%22%3A%22thetimes-tribune.com%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%227.13.0-pre%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.thetimestribune.com%2F%22%2C%22tmax%22%3A1800%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22adunitcode%22%3A%22ahm_widg_id_7%22%2C%22divId%22%3A%22ahm_widg_id_7%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2217a1ac454a96fd9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22594615%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F281191609%2Ftrx_cnhi%2Fthetimestribune.com%22%2C%22gpid%22%3A%22%2F281191609%2Ftrx_cnhi%2Fthetimestribune.com%23ahm_widg_id_3%22%2C%22tid%22%3A%22d2f6720b-9729-48fb-b3e1-59921a9de59d%22%7D%7D%2C%7B%22id%22%3A%2218ff9c8d6f10d6c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22594615%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F281191609%2Ftrx_cnhi%2Fthetimestribune.com%22%2C%22gpid%22%3A%22%2F281191609%2Ftrx_cnhi%2Fthetimestribune.com%23ahm_widg_id_7%22%2C%22tid%22%3A%22a3630303-450d-411e-92fd-cbae6fef67ca%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22americanhometownmedia.com%22%2C%22sid%22%3A%2200021%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89ab75ae87833a39ba37958073b8d79c5ed946d3d47b922402e9deda3f4df39

Request headers

Referer
https://www.thetimestribune.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bTY%2FcfpoEYFLOdClDQ1wGhy8T%2FWdenFtiQvyQSxdOUcASURWschzeCUarHLvLhdvXpv449Pg8snbGq6%2FrCLon6EfH6yLYN6RRBPxSxGgL6t%2BdHCKCdSLwr8cvDm7YLnrLKqyL9i"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77a0085ae86c0ccd-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 69E6 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:35 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
www.google-analytics.com/ Frame 2F07 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=900585294&t=event&ni=0&_s=4&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=620x365&je=0&ec=video&ea=ad%3Atime-6sec&el=1014284-1_Branded%20Content%20%7C%20Concert%20%7C%20Branded%20Content%20%7C%20CPV%20Athena_Netflix%3A%C2%A0Bardo_Branded%20Media%20Asset_Immersion_dsk_350179673%20%7C%2090b493bf-ede3-4e64-89e9-78ce1b3c49d9&_u=SAEAAEABCAAAACgAI~&jid=&gjid=&cid=333536868.1671116245&tid=UA-96398693-1&_gid=1283124798.1671116245&cd3=Athena%20Immersion%20(Standard)&cd18=Netflix&cd19=1026616_Netflix%20-%20Bardo&cd11=&cd21=6148324234&cd22=138417154843&cd23=2a1f8e46-245e-4a36-be2e-21cb1041a01f&cd24=&cd1=598968&cd2=30&z=1292950968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 21:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63782
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame 5E80 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1506855948&t=event&ni=0&_s=4&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=620x365&je=0&ec=video&ea=ad%3Atime-6sec&el=1014284-1_Branded%20Content%20%7C%20Concert%20%7C%20Branded%20Content%20%7C%20CPV%20Athena_Netflix%3A%C2%A0Bardo_Branded%20Media%20Asset_Immersion_dsk_350179673%20%7C%2090b493bf-ede3-4e64-89e9-78ce1b3c49d9&_u=SAEAAEABCAAAACgAI~&jid=&gjid=&cid=333536868.1671116245&tid=UA-96398693-1&_gid=1283124798.1671116245&cd3=Athena%20Immersion%20(Standard)&cd18=Netflix&cd19=1026616_Netflix%20-%20Bardo&cd11=&cd21=6148324234&cd22=138417154843&cd23=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&cd24=&cd1=598968&cd2=30&z=451551579
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 21:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63782
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thetimestribune.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		70 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1400852277535726&correlator=71562962497531&eid=31070872%2C31071151%2C31071221%2C31071125%2C676982961&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&us_privacy=1---&iu_parts=281191609%3A9869277%2Ctrx_cnhi%2Cthetimestribune.com&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250&fluid=height%2Cheight&ifi=14&adks=327154326%2C327154330&didk=564184614~564184618&sfv=1-0-40&fsbs=1%2C1&prev_scp=slotName%3Dldgr1%26pubDom%3Dthetimestribune.com%26atab%3Dtrue%26frstlk%3Dtrue%7CslotName%3Dldgr4%26pubDom%3Dthetimestribune.com%26atab%3Dtrue%26frstlk%3Dtrue&eri=1&cust_params=section%3Dhomepage&sc=1&cookie=ID%3Dd3ff58f1df784131%3AT%3D1671116246%3AS%3DALNI_MYT8VUcZkfNFLM5hDTQ_YzRLYTzKg&gpic=UID%3D000008d4306f9484%3AT%3D1671116246%3ART%3D1671116246%3AS%3DALNI_Mblj257qty8pouUtVNBnorxCgiZAA&abxe=1&dt=1671116258276&lmt=1671115919&dlt=1671116244024&idt=886&adxs=1180%2C840&adys=1312%2C3088&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=10%7C11&ucis=e%7Cf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thetimestribune.com%2F&ref=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F&frm=20&vis=1&psz=300x250%7C300x250&msz=300x-1%7C300x-1&fws=4%2C4&ohw=1600%2C1600&ga_vid=333536868.1671116245&ga_sid=1671116247&ga_hid=1089137470&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c239366e2ad0e4d8f8a610a5d0df5eb233afaf6e51d4c6afcd56bec0f29a55f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18235
x-xss-protection
0
google-lineitem-id
-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thetimestribune.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
audio_64k-00003.ts
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/ Frame 2F07 		52 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/audio_64k-00003.ts
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7008a089333e09fea421baf591490659d62eea683e92ac1f6b5603fef8fed60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:38 GMT
via
1.1 varnish
x-amz-request-id
TF75G098FQAZ4R54
age
3457
x-cache
HIT
content-length
52828
x-amz-id-2
FKcBLgwPgxdTRYBCZGzDrfYGlxxz66ZLrrZ0Q4jvQnCognkmwlDDwlGBfyMdLTSm0RiXJh16elQ=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:09 GMT
server
AmazonS3
x-timer
S1671116259.644734,VS0,VE0
etag
"8ef491e2721d96870459870bfd5faf7e"
content-type
video/mp2t
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1076
video-764k-00003.ts
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/ Frame 2F07 		327 KB
327 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/video-764k-00003.ts
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04847a0fb8457de84f2dc355a07f56148ce93c3af98c111071e71cb6a203b6c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:38 GMT
via
1.1 varnish
x-amz-request-id
5KS19RT5P8MREJHC
age
3454
x-cache
HIT
x-amz-meta-surrogate-key
production/74fa72dd32283096b2cfab11b25e5cce/598968
content-length
334828
x-amz-id-2
4eh7ZMH6pcIaB4sHpwyjc5OCGau9jmMXeDsSFvXdFtDTLMAHEXwrHn8/vHD8NwaBP0WSbrLUYl8=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:13 GMT
server
AmazonS3
x-timer
S1671116259.645194,VS0,VE0
etag
"c7c473240deef042c028a5c150416db6"
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
2
audio_64k-00003.ts
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/ Frame 5E80 		52 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/Audio/64k/audio_64k-00003.ts
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7008a089333e09fea421baf591490659d62eea683e92ac1f6b5603fef8fed60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:38 GMT
via
1.1 varnish
x-amz-request-id
TF75G098FQAZ4R54
age
3457
x-cache
HIT
content-length
52828
x-amz-id-2
FKcBLgwPgxdTRYBCZGzDrfYGlxxz66ZLrrZ0Q4jvQnCognkmwlDDwlGBfyMdLTSm0RiXJh16elQ=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:09 GMT
server
AmazonS3
x-timer
S1671116259.651411,VS0,VE0
etag
"8ef491e2721d96870459870bfd5faf7e"
content-type
video/mp2t
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1077
video-764k-00003.ts
volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/ Frame 5E80 		327 KB
327 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://volume-assets.voxmedia.com/production/b7a6c9370119f5bd97ba0d9a7562c76e/598968/video-764k-00003.ts
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/hymnal-ad-sdk/master/latest/sdk.video-build.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04847a0fb8457de84f2dc355a07f56148ce93c3af98c111071e71cb6a203b6c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:38 GMT
via
1.1 varnish
x-amz-request-id
5KS19RT5P8MREJHC
age
3454
x-cache
HIT
x-amz-meta-surrogate-key
production/74fa72dd32283096b2cfab11b25e5cce/598968
content-length
334828
x-amz-id-2
4eh7ZMH6pcIaB4sHpwyjc5OCGau9jmMXeDsSFvXdFtDTLMAHEXwrHn8/vHD8NwaBP0WSbrLUYl8=
x-served-by
cache-ewr18130-EWR
last-modified
Tue, 13 Dec 2022 17:05:13 GMT
server
AmazonS3
x-timer
S1671116259.689026,VS0,VE0
etag
"c7c473240deef042c028a5c150416db6"
content-type
application/x-mpegURL
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
3
container.html
6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7E90 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
12
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 14:57:26 GMT
expires
Fri, 15 Dec 2023 14:57:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A717 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
12
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 14:57:26 GMT
expires
Fri, 15 Dec 2023 14:57:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 7E90 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5TXJ4jWbY7GiFc3AzwWLlb7YAY7PmJZsscOjitsLwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNjcxODQyNjIzNzYxNTYxMMgBCeACAKgDAaoEswJP0PNay8wPycAvVkpzr05LHhF_zFtnuPOH3aApIWtpiGuL8xst_O8uXnje9Cv3XCi8463pprtZOmLOC1inU67VS-s-h6nbiqwS4eqUdRi90OsuWdiIM7x1fhqdkw9f0aaxM5Fwr38lW4b5L16INcDPrpUz9QCfDCNtT1ZFhq3tQaQvSFlu9XWPrXRj-ZK7J4DOgfdwC-8NZCiKTrLj7pjOP1itD7zsptXUyLjtkD5s0xFU2G5sw4eFMXCF4Z7UuYsuSHqG0YDssw0s-QNF1TlYtOqS7YfgtBRy0gClinBL_BQTGKXMEMZs3RTngfIOJEWH5Wm6ma2RP3-X9mRgARYOLpJnsUQPjvR5m7kKv0_4VWdHCuVaCPjORRXGiPlKmhbSnJN1YZrKwY4o07FJCMfgqg2W4AQBgAaPoaPcutPS5rIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTE0OTY3MDkzODA4NjgwNjGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjcxODQyNjIzNzYxNTYxMBih6Ck&sigh=Sl3WI79CgkE&uach_m=[UACH]&cid=CAQSPADq26N9kqZjIagrgFDtaqgJJ2sFEt2j3YqE4O7wt5JNHmQpaL7sfhy-bGHR-r1kDMwtG5Tjn69Ow_tfWBgBIBM
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
log
hblg.media.net/ Frame 7E90 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=79de3a0614d44d5392ee025495f4ec6a&bidrestime=1671116258495&cbdp=0.03&ogbdp=0.05&prvReqId=1466682192124571_2137181067_90521842213191&pvid=319&scrid=1700080807684000300025000000500&size=300x250&slotVisibility=2&viewability=57&app=0&cc=US&cid=8CUW5O213&csip=rtb-appnexus-64d76c54bd-rqf7p.SC&device_id=4&dn=thetimestribune.com&itype=ADX&mang=1&requrl=https%3A%2F%2Fwww.thetimestribune.com&dtc=east_sc&zone=d&commit_id=1224efef&ugd=4&sc_pvid=294&ctr=0.0&rme=nurl
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:38 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 15 Dec 2022 14:57:38 GMT
log
qsearch-a.akamaihd.net/ Frame 7E90 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=&other_prv=294%7C319&jar_err=&current_day=4.0&adtyp=0&req_id=hIMIRJyTOGn_70rI0-OauQ&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&dim11=0&predicted_wr=66.0730&exp=&deal_id=&fdbk_id=&second_bidder=294&search_res=40&floor_bucket=0.00&gpid_format=&seat=319&rc=-1&size=300x250&f_seg=&prdp=0.0300&local_wr_url=0.0000&ogcbdp=0.0500&dfpbd=0.0300&server=1&ogerpm_wd_bkt=0-1&model_version=202212150945_generic_adx_2-cid_2&viewability=0.5700&dmm_r=0.5140&cut=40&dmm_l=0.5140&as_cache=1&tcyerpm=&sc=NY&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=thetimestribune.com%2F&bidrestime=1671116258495&cc=US&strg=harmony&ss=&current_hour=14&time_stamp=2022-12-15+14%3A57%3A38&model_key=generic_adx_2-cid_2&rvshhon=&mul_ratio=0.0000&bdp=0.0500&ct=New+York&akey=&mnckfl=0&bdp_bucket=0.05&algo=default&dc=east_sc&dim5=0&splid=&dim4=exploration&erpm_mult=1.000000&dn=thetimestribune.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&dmm_m11=0.0000&dmm_m12=0.0000&acid=79de3a0614d44d5392ee025495f4ec6a&zone=d&infl=&o_ver=NT+10.0&br_ver=108.0.5359.124&bdmm_m6=1.0000&bdmm_m7=1.0810&bdmm_m5=0.8750&ver=9.1.2&totalTimeBucket=2&visibility=2&totalTime=2371384&dmm_m1=2022-12-15+14%3A57%3A38.497423955&e_rpm=0.0670&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.7790&cid=8CUW5O213&bcrid=1700080807684000300025000000500&rawbid=0.0500&seat_id=319&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=4&o_id=101&clisp=rtb-appnexus-64d76c54bd-rqf7p.SC&dfp_bucket=0.0&adblk=327154326&itype=adx&pvid_seat=319_319&cliIP=0&advurl=topics.businessfocus.online%2F&level_base=0&crid=905218422&sat=1&br_id=265&cut_bkt=40&gpid=&iwb=1&dmm_d22=0.01&second_bid=0.030000&sc_pvid=319&capd=0&other_bids=0.03%7C0.05
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.27 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:38 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 15 Dec 2022 14:57:38 GMT
nmedianet.js
contextual.media.net/ Frame 7E90 		161 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUT4OKFR
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.60.21 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
5ef7f7c3a855bfae0dbaf9d63878f16e50cb207733c945cc98599e9cba855e9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-mnt-h
21-7qck
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 15 Dec 2022 14:57:38 GMT
server
Apache
etag
"c50305f6e6d908e42fb894346fce2ee5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
8-32
timing-allow-origin
*
expires
Thu, 15 Dec 2022 15:02:38 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 7E90 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Thu, 15 Dec 2022 14:57:38 GMT
server
nginx
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=10440
access-control-allow-credentials
true
content-length
62892
expires
Thu, 15 Dec 2022 17:51:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7E90 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:15:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
63749
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:15:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7E90 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:12:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
63882
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:12:56 GMT
l
www.google.com/ads/measurement/ Frame 7E90 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSM2F8Cu-j-i4LmGRbXTsEdGFF3873CfGRO-C8HSXfjKUGQUTfNTw3r4kfPHUHIS7oHluXzKVyy0lk_eOUAEkaiHW-SJA
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7E90 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:15:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
63739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Dec 2023 21:15:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7E90 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 14:57:38 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A717 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CY8d-4jWbY7KiFc3AzwWLlb7YAY7PmJZsscOjitsLwI23ARABIABgycapi8Ck2A-CARdjYS1wdWItNjcxODQyNjIzNzYxNTYxMMgBCeACAKgDAaoEswJP0F80CQV7w8C_HRTAP-3iD0yimzu7Be3GhMjTnWGOAoz7MLNovpwqAd-A3MlWRKZk3-OtbaI4Skmc-4KwrfJJkUb3v6y4kS-zcXgYZWcgUemAds-QD-6DaEekB5qN6hIqrKHT-U2QDhsJmeAKuvQO0qEz-TS9ciQXV1PGxp9szijB-DxW0QwiA41Mh9nn7aeaqRK6pLBGurE5Q-4hCvL3m7_vzP6Nox1pAdCZJhv_vX2SJ-MMHL_AV7hK4X2I0k-eFpUnW9pn7WNVO42wNaHO7khAkr-Np3A2YMvTATxB6ttsBd04iIFsUd1XVyBr8SVi_l5g7DxHpxs8tpLQIjQKTwVu1cMumNnztGIrvhASxJlt9UD-Vas79IFFsgIXP9axV5Wp5J1vAoWK6p3UuAMlR2fl4AQBgAaPoaPcutPS5rIBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTE0OTY3MDkzODA4NjgwNjGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjcxODQyNjIzNzYxNTYxMBih6Ck&sigh=NmSDVmyJvwI&uach_m=[UACH]&cid=CAQSPADq26N9kqZjIagrgFDtaqgJJ2sFEt2j3YqE4O7wt5JNHmQpaL7sfhy-bGHR-r1kDMwtG5Tjn69Ow_tfWBgBIBM
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
log
hblg.media.net/ Frame A717 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&acid=fc48376518d14ea58ef619295c50b248&bidrestime=1671116258476&cbdp=0.014&ogbdp=0.02&prvReqId=355083493588334_957244165_90521842213191&pvid=319&scrid=1700080807684000300025000000500&size=300x250&slotVisibility=2&viewability=18&app=0&cc=US&cid=8CUW5O213&csip=rtb-appnexus-64d76c54bd-92wlc.SC&device_id=4&dn=thetimestribune.com&itype=ADX&mang=1&requrl=https%3A%2F%2Fwww.thetimestribune.com&dtc=east_sc&zone=d&commit_id=1224efef&ugd=4&ctr=0.0&rme=nurl
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:38 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 15 Dec 2022 14:57:38 GMT
log
qsearch-a.akamaihd.net/ Frame A717 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=2&ss_d1=0&ogerpm=0.0000&ss_d2=0&stid=&other_prv=319&jar_err=&current_day=4.0&adtyp=0&req_id=Yn2ZnRmucTOgaK3qvAo3oQ&bd_m3=0.0000&dmm_d36=NA&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&dim11=0&predicted_wr=72.7957&exp=&deal_id=&fdbk_id=&second_bidder=*&search_res=32&floor_bucket=0.00&gpid_format=&seat=319&rc=-1&size=300x250&f_seg=&prdp=0.0136&local_wr_url=0.0000&ogcbdp=0.0200&dfpbd=0.0136&server=1&ogerpm_wd_bkt=0-1&model_version=202212150945_generic_adx_2-cid_2&viewability=0.1800&dmm_r=0.5140&cut=32&dmm_l=0.5140&as_cache=1&tcyerpm=&sc=NY&send_erpm=true&dmm_m9=0.0000&sd=0&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.00&ugd_ver=&requrl=thetimestribune.com%2F&bidrestime=1671116258476&cc=US&strg=harmony&ss=&current_hour=14&time_stamp=2022-12-15+14%3A57%3A38&model_key=generic_adx_2-cid_2&rvshhon=&mul_ratio=0.0000&bdp=0.0200&ct=New+York&akey=&mnckfl=0&bdp_bucket=0.00&algo=default&dc=east_sc&dim5=0&splid=&dim4=exploration&erpm_mult=1.000000&dn=thetimestribune.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F108.0.5359.124+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&dmm_m11=0.0000&dmm_m12=0.0000&acid=fc48376518d14ea58ef619295c50b248&zone=d&infl=&o_ver=NT+10.0&br_ver=108.0.5359.124&bdmm_m6=1.0000&bdmm_m7=0.4030&bdmm_m5=0.8760&ver=9.1.2&totalTimeBucket=2&visibility=2&totalTime=2467576&dmm_m1=2022-12-15+14%3A57%3A38.479118907&e_rpm=0.0260&dmm_m22=0.0000&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.2900&cid=8CUW5O213&bcrid=1700080807684000300025000000500&rawbid=0.0200&seat_id=319&sub_bidder=0&pst=EMS&pbshr=100.0000&dmm_d10=4&o_id=101&clisp=rtb-appnexus-64d76c54bd-92wlc.SC&dfp_bucket=0.0&adblk=327154330&itype=adx&pvid_seat=319_319&cliIP=0&advurl=topics.businessfocus.online%2F&level_base=0&crid=905218422&sat=1&br_id=265&cut_bkt=30&gpid=&iwb=1&dmm_d22=0.00&second_bid=0.000000&sc_pvid=319&capd=0&other_bids=0.02
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.27 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:38 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 15 Dec 2022 14:57:38 GMT
nmedianet.js
contextual.media.net/ Frame A717 		161 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUT4OKFR
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.60.21 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
069e356ecb8b598f6bd7c3994d25fb4025bd1abca3160b346f50c5048b53274c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-mnt-h
21-7qck
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 15 Dec 2022 14:57:38 GMT
server
Apache
etag
"c50305f6e6d908e42fb894346fce2ee5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
8-32
timing-allow-origin
*
expires
Thu, 15 Dec 2022 15:02:38 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame A717 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Thu, 15 Dec 2022 14:57:38 GMT
server
nginx
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=10440
access-control-allow-credentials
true
content-length
62892
expires
Thu, 15 Dec 2022 17:51:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A717 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:15:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
63749
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:15:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame A717 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:12:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
63882
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 28 Dec 2022 21:12:56 GMT
l
www.google.com/ads/measurement/ Frame A717 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTmCxqA1G8N_FTxsfsNp1SpV9Y50OqjLU9TNauziIwg3fNkoaGlzYZzd4YdbLsl3pv02ngBNzAmBRqoCYFsTvvc14Ruyw
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A717 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 21:15:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
63739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Dec 2023 21:15:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A717 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 15 Dec 2022 14:57:38 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=1&hp=1&wf=1&ra=2&pxm=8&vz=-&zp=0&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=VOXVIDINT1&ol=2170206829&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eWpqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-3w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=2&h=345&w=620&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=269.3807067871094&gp=80.62770080566406&zGSRC=1&gu=https%3A%2F%2Fwww.thetimestribune.com%2F&id=1&ii=4&f=0&j=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms&t=1671116250956&de=706780601160&cu=1671116250956&m=7978&ar=67fa5e2a4e8-clean&iw=e05e03a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=80.62770080566406&lb=10265&le=1&lf=0&lg=1&lh=57&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A952%3A952%3A10634%3A2773&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7895&cd=107&ah=7895&am=107&dq=7895&dr=107&ds=7895&dt=107&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=0&vt=0&vd=0&zMoatSRE=0.11140625&zMoatVSD=31.152&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7483&ef=0&eg=0&rf=0&re=0&wm=1&wi=0&zMoatCustomParams=50%25%3A10000sec%3Acumulative%3Anotaudible&cl=0&at=0&d=Netflix%3A1026616_Netflix%20-%20Bardo%3A6148324234%3A138417154843&bo=thetimestribune.com&bd=thetimestribune.com&gw=voxvidint960547728228&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=90b493bf-ede3-4e64-89e9-78ce1b3c49d9&zMoatProduct=athena-immersion-standard&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tc=0&fs=201243&na=1321146971&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:38 GMT
collect
www.google-analytics.com/ Frame 2F07 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=900585294&t=event&ni=0&_s=5&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=620x365&je=0&ec=video&ea=ad%3Aquartile-25&el=1014284-1_Branded%20Content%20%7C%20Concert%20%7C%20Branded%20Content%20%7C%20CPV%20Athena_Netflix%3A%C2%A0Bardo_Branded%20Media%20Asset_Immersion_dsk_350179673%20%7C%2090b493bf-ede3-4e64-89e9-78ce1b3c49d9&_u=SAEAAEABCAAAACgAI~&jid=&gjid=&cid=333536868.1671116245&tid=UA-96398693-1&_gid=1283124798.1671116245&cd3=Athena%20Immersion%20(Standard)&cd18=Netflix&cd19=1026616_Netflix%20-%20Bardo&cd11=&cd21=6148324234&cd22=138417154843&cd23=2a1f8e46-245e-4a36-be2e-21cb1041a01f&cd24=&cd1=598968&cd2=30&z=217581551
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 21:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63783
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame A717 		101 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUT4OKFR&noCookies=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUT4OKFR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.29.143.137 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
9bc0ba72a920e9715634b081c08ae20e167ec3be8082194392c4bbacabef7579

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:39 GMT
Content-Encoding
gzip
x-powered-by
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Max-Age
1800
Connection
keep-alive
Content-Length
33772
Expires
Thu, 15 Dec 2022 15:02:39 GMT
smtr
contextual.media.net/ Frame A717 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUT4OKFR&cpcd=owD7EomznB7f566jMhd_-A%3D%3D&crid=614711387&size=300x250&cc=US&sc=NY&chnm=HARMONY&pid=8PO8BCW0D&tpid=TJ546S9&https=1&vif=2&requrl=https%3A%2F%2Fwww.thetimestribune.com&nse=5&vi=1671116258476021720&lw=1&ugd=4&adt1=8CUW5O213&adt2=905218422&itid=17&bae=B4xBBB4qzq&bcpf=B4x8fOnRrolnfOur8BBB4qzq&bdrId=319&ntv=0&matchstring=bcat%3Dlo%2Cj3%2C150%2C133%2C3g%2Cy5%2Cmk%2C10%2Cqp%2C3r%2C11%2Ca%2C13%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2Ci%2Ci2%2Cc0%2Cs%2C3%2C149%2C4k%2C12z%2C13a%7Ccsh%3D1&pgid=p1573489986t202212151457&newfl=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NY
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUT4OKFR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.60.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb69d71a4b9708997f84e641a926a82ea92f1a716b3eb1e7cf1ee6fedbb9d08a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-vslw
timing-allow-origin
*
content-length
29897
expires
Thu, 15 Dec 2022 14:57:39 GMT
bping.php
lg3.media.net/ Frame A717 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=568&&vgd_cdv=835&vgd_cage=0&gdpr=0&prid=8PRVCXX19&cid=8CUT4OKFR&crid=614711387&vi=1671116258476021720&ugd=4&lf=6&cc=US&sc=NY&vsid=3141178480815869&lper=100&wsip=2886995206&r=1671116258991&requrl=https%3A%2F%2Fwww.thetimestribune.com&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1671116258147919901&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUW5O213&vgd_hb_audit_2=905218422&vgd_pgid=p1573489986t202212151457&vgd_pgids=1&vgd_uspa=0&hvsid=00000167111625898700958081581454&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Date
Thu, 15 Dec 2022 14:57:39 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=34138
Connection
keep-alive
Content-Length
15
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 7E90 		101 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUT4OKFR&noCookies=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUT4OKFR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.29.143.137 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
9bc0ba72a920e9715634b081c08ae20e167ec3be8082194392c4bbacabef7579

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Thu, 15 Dec 2022 14:57:39 GMT
Content-Encoding
gzip
x-powered-by
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Max-Age
1800
Connection
keep-alive
Content-Length
33772
Expires
Thu, 15 Dec 2022 15:02:39 GMT
smtr
contextual.media.net/ Frame 7E90 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUT4OKFR&cpcd=owD7EomznB7f566jMhd_-A%3D%3D&crid=614711387&size=300x250&cc=US&sc=NY&chnm=HARMONY&pid=8PO8BCW0D&tpid=TJ546S9&https=1&vif=2&requrl=https%3A%2F%2Fwww.thetimestribune.com&nse=5&vi=1671116258892632575&lw=1&ugd=4&adt1=8CUW5O213&adt2=905218422&itid=17&bae=B4xBBB4qzq&bcpf=B4xB8fOnRrolnfOur8BB4qzq&bdrId=319&ntv=0&matchstring=bcat%3Dlo%2Cj3%2C150%2C133%2C3g%2Cy5%2Cmk%2C10%2Cqp%2C3r%2C11%2Ca%2C13%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2Ci%2Ci2%2Cc0%2Cs%2C3%2C149%2C4k%2C12z%2C13a%7Ccsh%3D1&pgid=p1573489986t202212151457&newfl=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NY
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUT4OKFR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.60.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
329c2789eb97417e01bc0e1d94b5308fee029f7a088af41c93cd72f4755a79e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-sggf
timing-allow-origin
*
content-length
29957
expires
Thu, 15 Dec 2022 14:57:39 GMT
bping.php
lg3.media.net/ Frame 7E90 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=568&&vgd_cdv=835&vgd_cage=0&gdpr=0&prid=8PRVCXX19&cid=8CUT4OKFR&crid=614711387&vi=1671116258892632575&ugd=4&lf=6&cc=US&sc=NY&vsid=3141178480815869&lper=100&wsip=2886995206&r=1671116259017&requrl=https%3A%2F%2Fwww.thetimestribune.com&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1671116258162305079&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUW5O213&vgd_hb_audit_2=905218422&vgd_pgid=p1573489986t202212151457&vgd_pgids=1&vgd_uspa=0&hvsid=00000167111625901000958081583650&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Date
Thu, 15 Dec 2022 14:57:39 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=34138
Connection
keep-alive
Content-Length
15
checksync.php
contextual.media.net/ Frame 25F1 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUW5O213&prvid=99%2C77%2C20000%2C2033%2C294%2C241%2C101%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.60.21 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b8f02caee56bb1393684377933784167af4f39139fae157247c8837be6c0eb7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9578
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 14:57:39 GMT
expires
Sat, 17 Dec 2022 14:57:39 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame A717 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5558&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUW5O213&reqid=Yn2ZnRmucTOgaK3qvAo3oQ&vid=Yn2ZnRmucTOgaK3qvAo3oQ&dn=thetimestribune.com&rawDn=thetimestribune.com&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fwww.thetimestribune.com&cliIPV6=2a0d%3A5600%3A0024%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=NY&ct=New+York&pubid=pub-ADX-101639958875-pub-rep&tgtval=pub-ADX-101639958875-pub-rep&csip=rtb-appnexus-64d76c54bd-92wlc.SC&dtc=east_sc&zone=d&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=0&sckfl=1&suid=CAESEAg0JTtm4J-_vCVqJtXmCew&smbrid=adx-2&usp_status=0&usp_enf=1&gqid=ADdJoTsGry19DxQy7-jmpuDQQPID07CSIhOfqB-HEzOeqYXOJeQl8cf2QHsG4NiL_hkChpLM&pexid=ADX-pub-6718426237615610&geoll=false&is_ortb=false&s_ip=74.125.19.16&s_city=morganton&commit_id=1224efef&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2022-12-14+00%3A00%3A00&schain_cmpl=0&dummy_vsid=false&amptype=1&second_call=false&rtttime=35&pvid=319&prvAccId=614711387&prvApiId=8CUT4OKFR&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=905218422&prspt=headerBid&prvReqId=355083493588334_957244165_90521842213191&reqsize=300x250&size=300x250&chnl=HARMONY&bdp=0.020&cbdp=0.014&og_cbdp=0.020&ogbdp=0.02&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dfpBd=0.014&dt=O&dbf=1&epc=614711387&s=1&snm=SUCCESS&pcrid=8CUT4OKFR-614711387-51-25&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=18&slotVisibility=2&adpos=3&iframingState=0&sbdrid=99&exp=sce%3D1%7CssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&mnrfc=-1&seat=319&brsrclk=0&bidrestime=1671116258476&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807684000300025000000500&strg=HARMONY&pgcatiab=IAB17&pgcatiab2=379&pgcatsprig=1077&vls=0&scrid=1700080807684000300025000000500&mang=1&pvdTmax=254&fpusp=false&ae=false&epcexp=false&moau=true&incentive_type=0&ucrid_ver=2&omid=0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CUT4OKFR&mx_SPRIG=1&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUT4OKFR&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=4&mx_nsz=3&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_crsw_exp=ged&mx_tgs=200x200%7C250x250%7C300x250&mx_bsProfileRa=0&mx_IAB2=1&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=2&mx_crsw_bckt=A2&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_ip_exp_verd=false&mx_gpid_sent=false&mx_commit_id=f364e2e9ad&acid=fc48376518d14ea58ef619295c50b248&rtime=15.0&wsip=mowx-lite-5847bf8c79-kwfxq&ltime=30.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=327154330&impId=1&reftime=30&reftype=3&psrc=fail&mowxReqId=fc48376518d14ea58ef619295c50b248_1&policy_enf=2&pub_blk_enf=1&renderer=1&ifst=0&ifdp=0&media=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=0.0&ctr_vendor=EXCHANGE&rfc=-1&feedback_id=Yn2ZnRmucTOgaK3qvAo3oQ&viewability_vendor=EXCHANGE&actltime=31&mp_seg%3C%3E=44412%23%237468%23%2317242&debug_ts=2022-12-15+14%3A57%3A38&__expireat=1671116858730&mview=1&rme=adm&bdata=~bx_len%3D1548~bhp%3D0~bid%3D0.020~bx_agl2a_l%3D0~bx_asn%3D0~bx_cs%3D0~bx_exp%3D0.5~bx_ginsu%3D0~bx_iab%3DIAB17~bx_intmd%3D0~bx_l2as%3D0~bx_lvmp%3D00000000000000000000000000000000000000000000000000~bx_ref_url%3D%40Lhz6grA1wm%2F~bx_rh%3D47DEQpj8HB~bx_rpc%3D0010000~bx_size%3D300x250~bx_t_enabled%3D0~bx_t_exp%3D0~bx_tmax%3D250~bx_tml_suffix%3D%2F~city%3DNEWYORK~ck_fl%3D2~dc%3Dgcp-us-east1-d~dmm_d1%3D0~dmm_d10%3D4~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D4~dmm_d17%3D1~dmm_d18%3D15~dmm_d19%3D1100~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.00~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3DL_new~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D0~dmm_d29%3D0.80~dmm_d3%3D0.5~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d39%3Djson%2Fbid%2FgetOrtbResponse~dmm_d4%3D00~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d5%3D0~dmm_d51%3D0~dmm_d52%3D1.20~dmm_d53%3D0000~dmm_d56%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D4~dmm_d9%3D0~dmm_l%3D0.005~dmm_m1%3D0.026~dmm_m10%3D0.823~dmm_m11%3D0.933~dmm_m12%3D0.290~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.000~dmm_m16%3D0.407~dmm_m17%3D1.000~dmm_m2%3D0.017~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m27%3D12~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m34%3D1.000~dmm_m35%3D28322.000~dmm_m36%3D28322.000~dmm_m37%3D4.000~dmm_m38%3D4.000~dmm_m39%3D89235.987~dmm_m40%3D140287.000~dmm_m41%3D14.852~dmm_m42%3D24.000~dmm_m43%3D2.203~dmm_m44%3D1.000~dmm_m47%3D1204.000~dmm_m48%3D2258505.000~dmm_m5%3D0.876~dmm_m50%3D1798.000~dmm_m6%3D1.000~dmm_m7%3D0.403~dmm_m9%3D1.000~dmm_r%3D0.514~e_rpm%3D0.026~erpm%3D0.026~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_ip%3D2a0d-5600-0024-0000-0000-0000-0000-0000~r_sc%3DNY~rbo%3D5_3~ref_cnt%3D0~sgmt%3Dempty~std%3D327154330~vbr%3D0~visibility%3D2~supply_tag_id%3D%7Eviewability%3D0.18%7Eamp%3D1%7Ecbdp%3D0.014%7Edmm%3Dharmony%7Esuid%3DCAESEAg0JTtm4J-_vCVqJtXmCew%7Edtc%3Deast_sc%7Exid%3DADX-pub-6718426237615610%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D327154330%7Esobp%3D%7Ectr%3D0.0%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~~mxe%3Dged~mxbn%3DA2&utime=553&sf=0&cpr=0.5092422458186199
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
max-age=3600
date
Thu, 15 Dec 2022 14:57:39 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Thu, 15 Dec 2022 20:57:39 GMT
checksync.php
contextual.media.net/ Frame C386 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUW5O213&prvid=99%2C77%2C20000%2C2033%2C294%2C241%2C101%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.60.21 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b8f02caee56bb1393684377933784167af4f39139fae157247c8837be6c0eb7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9578
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 14:57:39 GMT
expires
Sat, 17 Dec 2022 14:57:39 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 7E90 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5723&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUW5O213&reqid=hIMIRJyTOGn_70rI0-OauQ&vid=hIMIRJyTOGn_70rI0-OauQ&dn=thetimestribune.com&rawDn=thetimestribune.com&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fwww.thetimestribune.com&cliIPV6=2a0d%3A5600%3A0024%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=NY&ct=New+York&pubid=pub-ADX-101639958875-pub-rep&tgtval=pub-ADX-101639958875-pub-rep&csip=rtb-appnexus-64d76c54bd-rqf7p.SC&dtc=east_sc&zone=d&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=0&sckfl=1&suid=CAESEAg0JTtm4J-_vCVqJtXmCew&smbrid=adx-2&usp_status=0&usp_enf=1&gqid=ADdJoTuiH2Didjo2J1P6NKYm_YBtvEj_JN8oMlZy1n4evvmM3PEHHv656oGeD3Ir4BCvh-Ex&pexid=ADX-pub-6718426237615610&geoll=false&is_ortb=false&s_ip=74.125.19.11&s_city=morganton&commit_id=1224efef&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2022-12-14+00%3A00%3A00&schain_cmpl=0&dummy_vsid=false&amptype=1&second_call=false&rtttime=62&pvid=319&prvAccId=614711387&prvApiId=8CUT4OKFR&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=905218422&prspt=headerBid&prvReqId=1466682192124571_2137181067_90521842213191&reqsize=300x250&size=300x250&chnl=HARMONY&bdp=0.050&cbdp=0.03&og_cbdp=0.050&ogbdp=0.05&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dfpBd=0.03&dt=O&dbf=1&epc=614711387&s=1&snm=SUCCESS&pcrid=8CUT4OKFR-614711387-51-8&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=57&slotVisibility=2&adpos=3&iframingState=0&sbdrid=99&exp=sce%3D1%7CssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&mnrfc=-1&seat=319&brsrclk=0&bidrestime=1671116258495&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080807684000300025000000500&strg=HARMONY&pgcatiab=IAB17&pgcatiab2=379&pgcatsprig=1077&vls=0&scrid=1700080807684000300025000000500&mang=1&pvdTmax=253&fpusp=false&ae=false&epcexp=false&moau=true&incentive_type=0&ucrid_ver=2&omid=0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CUT4OKFR&mx_SPRIG=1&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUT4OKFR&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=4&mx_nsz=3&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_crsw_exp=ged&mx_tgs=200x200%7C250x250%7C300x250&mx_bsProfileRa=0&mx_IAB2=1&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=2&mx_crsw_bckt=A2&mx_isLossNtf=false&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_ip_exp_verd=false&mx_gpid_sent=false&mx_commit_id=f364e2e9ad&acid=79de3a0614d44d5392ee025495f4ec6a&rtime=44.0&wsip=mowx-lite-5847bf8c79-vhftb&ltime=56.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=327154326&impId=1&reftime=30&reftype=3&psrc=fail&mowxReqId=79de3a0614d44d5392ee025495f4ec6a_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=0.0&ctr_vendor=EXCHANGE&rfc=-1&feedback_id=hIMIRJyTOGn_70rI0-OauQ&viewability_vendor=EXCHANGE&actltime=57&mp_seg%3C%3E=44412%23%237468%23%2317242&debug_ts=2022-12-15+14%3A57%3A38&__expireat=1671116858749&mview=1&sc_pvid=294&sc_ogbdp=0.03&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&sc_prspt=headerBid&sc_bdp=0.030&sc_cbdp=0.030&sc_cat=IAB-3&sc_advUrl=https%3A%2F%2Fsearch.yahoo.com&rme=adm&bdata=~bx_len%3D1549~bhp%3D0~bid%3D0.050~bx_agl2a_l%3D0~bx_asn%3D0~bx_cs%3D0~bx_exp%3D0.5~bx_ginsu%3D0~bx_iab%3DIAB17~bx_intmd%3D0~bx_l2as%3D0~bx_lvmp%3D00000000000000000000000000000000000000000000000000~bx_ref_url%3D%40Lhz6grA1wm%2F~bx_rh%3D47DEQpj8HB~bx_rpc%3D0010000~bx_size%3D300x250~bx_t_enabled%3D0~bx_t_exp%3D0~bx_tmax%3D250~bx_tml_suffix%3D%2F~city%3DNEWYORK~ck_fl%3D2~dc%3Dgcp-us-east1-d~dmm_d1%3D0~dmm_d10%3D4~dmm_d11%3D0~dmm_d12%3D1~dmm_d13%3D0~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D4~dmm_d17%3D2~dmm_d18%3D50~dmm_d19%3D0100~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.01~dmm_d23%3D0~dmm_d24%3D5~dmm_d25%3Ddef_new~dmm_d26%3D0~dmm_d27%3D0~dmm_d28%3D0~dmm_d29%3D0.80~dmm_d3%3D0.5~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d39%3Djson%2Fbid%2FgetOrtbResponse~dmm_d4%3D00~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d5%3D0~dmm_d51%3D0~dmm_d52%3D1.00~dmm_d53%3D0000~dmm_d56%3D0~dmm_d6%3D0~dmm_d7%3D0~dmm_d8%3D4~dmm_d9%3D0~dmm_l%3D0.013~dmm_m1%3D0.067~dmm_m10%3D0.823~dmm_m11%3D0.933~dmm_m12%3D0.779~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.000~dmm_m16%3D0.407~dmm_m17%3D1.000~dmm_m2%3D0.017~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m27%3D12~dmm_m28%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m32%3D0.010~dmm_m34%3D1.000~dmm_m35%3D28322.000~dmm_m36%3D28322.000~dmm_m37%3D4.000~dmm_m38%3D4.000~dmm_m39%3D89235.987~dmm_m40%3D140287.000~dmm_m41%3D14.852~dmm_m42%3D24.000~dmm_m43%3D2.203~dmm_m44%3D1.000~dmm_m47%3D7933.000~dmm_m48%3D2290779.000~dmm_m5%3D0.875~dmm_m50%3D563.000~dmm_m6%3D1.000~dmm_m7%3D1.081~dmm_m9%3D1.000~dmm_r%3D0.514~e_rpm%3D0.067~erpm%3D0.067~hc%3D0%20%2B%200~iha%3D0~itype%3DADX~r_ip%3D2a0d-5600-0024-0000-0000-0000-0000-0000~r_sc%3DNY~rbo%3D5_3~ref_cnt%3D0~sgmt%3Dempty~std%3D327154326~vbr%3D0~visibility%3D2~supply_tag_id%3D%7Eviewability%3D0.57%7Eamp%3D1%7Ecbdp%3D0.030%7Edmm%3Dharmony%7Esuid%3DCAESEAg0JTtm4J-_vCVqJtXmCew%7Edtc%3Deast_sc%7Exid%3DADX-pub-6718426237615610%7Edalg%3Ddefault%7Ehtml%3D1%7Eadblk%3D327154326%7Esobp%3D0.03%7Ectr%3D0.0%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.050%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D40%7Edogb%3D0-1~ibc%3D1~~mxe%3Dged~mxbn%3DA2&utime=542&sf=0&cpr=0.5766525709891412
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
max-age=3600
date
Thu, 15 Dec 2022 14:57:39 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Thu, 15 Dec 2022 20:57:39 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=2&pxm=8&vz=-&zp=0&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=VOXVIDINT1&ol=2170206829&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eWpqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-3w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=3&h=345&w=620&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=269.3807067871094&gp=80.62770080566406&zGSRC=1&gu=https%3A%2F%2Fwww.thetimestribune.com%2F&id=1&ii=4&f=0&j=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms&t=1671116250956&de=706780601160&cu=1671116250956&m=7980&ar=67fa5e2a4e8-clean&iw=e05e03a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=80.62770080566406&lb=10265&le=1&lf=0&lg=1&lh=57&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A952%3A952%3A10634%3A2773&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7895&cd=7895&ah=7895&am=7895&dq=7895&dr=7895&ds=7895&dt=7895&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=0&vt=0&vd=0&zMoatSRE=0.11140625&zMoatVSD=31.152&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7483&ef=0&eg=0&rf=0&re=0&wm=1&wi=0&zMoatCustomParams=50%25%3A10000sec%3Acumulative%3Anotaudible&cl=0&at=0&d=Netflix%3A1026616_Netflix%20-%20Bardo%3A6148324234%3A138417154843&bo=thetimestribune.com&bd=thetimestribune.com&gw=voxvidint960547728228&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=90b493bf-ede3-4e64-89e9-78ce1b3c49d9&zMoatProduct=athena-immersion-standard&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tc=0&fs=201243&na=690995818&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:39 GMT
pixel.gif
voxvidint960547728228.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxvidint960547728228.s.moatpixel.com/pixel.gif?m=1&vpt=8101&iv=0&tuv=-1&ivt=0&cvt=0&fvt=0&cfvt=0&vol=0&at=0&cat=0&gmv=0&gmt=0&cgmt=0&apd=8101&dh=30000&hov=0&th=-1&d=thetimestribune.com&w=620&h=345&sp=0&bfa=1&L1id=Netflix&L2id=1026616_Netflix%20-%20Bardo&L3id=6148324234&L4id=138417154843&S1id=thetimestribune.com&S2id=thetimestribune.com&ord=1671116250956&r=706780601160&t=q1&os=0&fi2=0&div1=0&ait=0&customInView=0&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&mobile=0&bedc=1&q=4&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:39 GMT
bfp_ssn.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 4373 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUT4OKFR&noCookies=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.29.143.137 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc

Request headers

Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Cache-Control
max-age=300
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3751
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 14:57:39 GMT
Expires
Thu, 15 Dec 2022 15:02:39 GMT
Vary
Accept-Encoding
x-powered-by
Express
ptmdP
dts.clnmde.com/ Frame A717 		7 B
366 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dts.clnmde.com/ptmdP
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUT4OKFR&noCookies=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
etag
W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
7
alt-svc
clear
ptmdDual
dts6.clnmde.com/ Frame A717 		70 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%22167111625908533243488396%22%2C%22za%22%3A1%2C%22gcd%22%3A1671116259111%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
via
1.1 google
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
bfp_ssn.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame FBEF 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUT4OKFR&noCookies=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.29.143.137 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc

Request headers

Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Cache-Control
max-age=300
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3751
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Dec 2022 14:57:39 GMT
Expires
Thu, 15 Dec 2022 15:02:39 GMT
Vary
Accept-Encoding
x-powered-by
Express
ptmdP
dts.clnmde.com/ Frame 7E90 		7 B
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dts.clnmde.com/ptmdP
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUT4OKFR&noCookies=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
etag
W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
7
alt-svc
clear
ptmdDual
dts6.clnmde.com/ Frame 7E90 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%22167111625916333981181190%22%2C%22za%22%3A1%2C%22gcd%22%3A1671116259183%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
via
1.1 google
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1A7C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
38078
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 04:23:01 GMT
etag
48472445140208031
expires
Fri, 16 Dec 2022 04:23:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6372 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
38078
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 15 Dec 2022 04:23:01 GMT
etag
48472445140208031
expires
Fri, 16 Dec 2022 04:23:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cksync
cs.media.net/ Frame C386
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e063f1e7-594f-448d-9ec8-39652287366a
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e063f1e7-594f-448d-9ec8-39652287366a
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUW5O213&prvid=99%2C77%2C20000%2C2033%2C294%2C241%2C101%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:39 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
45
X-MNET-HL2
E
Expires
Thu, 15 Dec 2022 14:57:39 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e063f1e7-594f-448d-9ec8-39652287366a
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
cksync.php
contextual.media.net/ Frame C386
Redirect Chain
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dloop%26ovsid%3D%7Bviewer_token%7Dhttps%3A%2F%...
  • https://contextual.media.net/cksync.php?cs=1&type=loop&ovsid=f3236bde-a08a-44fa-8735-00cbfaa6676chttps://contextual.media.net/cksync.php?cs=6&vsid=3141178480815869000V10&type=loop&refUrl=&vid=11162...
44 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=loop&ovsid=f3236bde-a08a-44fa-8735-00cbfaa6676chttps://contextual.media.net/cksync.php?cs=6&vsid=3141178480815869000V10&type=loop&refUrl=&vid=11162592863141178480815869000V10&ovsid=&gdpr_consent=${GDPR_CONSENT_109}&gdpr=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUW5O213&prvid=99%2C77%2C20000%2C2033%2C294%2C241%2C101%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.64.60.21 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 14:57:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
44
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 14:57:39 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&type=loop&ovsid=f3236bde-a08a-44fa-8735-00cbfaa6676chttps://contextual.media.net/cksync.php?cs=6&vsid=3141178480815869000V10&type=loop&refUrl=&vid=11162592863141178480815869000V10&ovsid=&gdpr_consent=${GDPR_CONSENT_109}&gdpr=0
date
Thu, 15 Dec 2022 14:57:39 GMT
server
_
content-length
0
truncated
/ Frame 7E90 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91746364c402e86202a711c262fba3bba6da76c25c1f3ecf5835207520fcb1ad

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A717 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19e45f370bcabb1ef42b7dfa94381990a6e6d873370e7ca2e09a46f308634864

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
cksync
cs.media.net/ Frame 25F1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e063f1e7-594f-448d-9ec8-39652287366a
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e063f1e7-594f-448d-9ec8-39652287366a
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUW5O213&prvid=99%2C77%2C20000%2C2033%2C294%2C241%2C101%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 14:57:39 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e063f1e7-594f-448d-9ec8-39652287366a
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
cksync.php
contextual.media.net/ Frame 25F1
Redirect Chain
  • https://csync.loopme.me/?pubid=11498&gdpr=0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dloop%26ovsid%3D%7Bviewer_token%7Dhttps%3A%2F%...
  • https://contextual.media.net/cksync.php?cs=1&type=loop&ovsid=30b7bc9e-c93d-483d-ad0b-8f9ef6ede929https://contextual.media.net/cksync.php?cs=6&vsid=3141178480815869000V10&type=loop&refUrl=&vid=11162...
44 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=loop&ovsid=30b7bc9e-c93d-483d-ad0b-8f9ef6ede929https://contextual.media.net/cksync.php?cs=6&vsid=3141178480815869000V10&type=loop&refUrl=&vid=11162593323141178480815869000V10&ovsid=&gdpr_consent=${GDPR_CONSENT_109}&gdpr=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUW5O213&prvid=99%2C77%2C20000%2C2033%2C294%2C241%2C101%2C3018%2C246%2C4%2C313%2C238%2C359%2C10000%2C239%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.64.60.21 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 14:57:39 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
44
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 14:57:39 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=1&type=loop&ovsid=30b7bc9e-c93d-483d-ad0b-8f9ef6ede929https://contextual.media.net/cksync.php?cs=6&vsid=3141178480815869000V10&type=loop&refUrl=&vid=11162593323141178480815869000V10&ovsid=&gdpr_consent=${GDPR_CONSENT_109}&gdpr=0
date
Thu, 15 Dec 2022 14:57:39 GMT
server
_
content-length
0
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=1&hp=1&wf=1&ra=2&pxm=8&vz=-&zp=0&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=VOXVIDINT1&ol=2170206829&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eWpqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-3w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=2&h=345&w=620&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=269.3807067871094&gp=80.62770080566406&zGSRC=1&gu=https%3A%2F%2Fwww.thetimestribune.com%2F&id=1&ii=4&f=0&j=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms&t=1671116251006&de=369412274217&cu=1671116251006&m=8387&ar=67fa5e2a4e8-clean&iw=e05e03a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=80.62770080566406&lb=10265&le=1&lf=0&lg=1&lh=97&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A952%3A952%3A10634%3A2773&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8346&cd=175&ah=8346&am=175&dq=8346&dr=175&ds=8346&dt=175&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=0&vt=0&vd=0&zMoatSRE=0.11140625&zMoatVSD=32.684&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7581&ef=0&eg=0&rf=0&re=0&wm=1&wi=0&zMoatCustomParams=50%25%3A10000sec%3Acumulative%3Anotaudible&cl=0&at=0&d=Netflix%3A1026616_Netflix%20-%20Bardo%3A6148324234%3A138417154843&bo=thetimestribune.com&bd=thetimestribune.com&gw=voxvidint960547728228&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=90b493bf-ede3-4e64-89e9-78ce1b3c49d9&zMoatProduct=athena-immersion-standard&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tc=0&fs=201243&na=522420560&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:39 GMT
collect
www.google-analytics.com/ Frame 5E80 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1506855948&t=event&ni=0&_s=5&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=620x365&je=0&ec=video&ea=ad%3Aquartile-25&el=1014284-1_Branded%20Content%20%7C%20Concert%20%7C%20Branded%20Content%20%7C%20CPV%20Athena_Netflix%3A%C2%A0Bardo_Branded%20Media%20Asset_Immersion_dsk_350179673%20%7C%2090b493bf-ede3-4e64-89e9-78ce1b3c49d9&_u=SAEAAEABCAAAACgAI~&jid=&gjid=&cid=333536868.1671116245&tid=UA-96398693-1&_gid=1283124798.1671116245&cd3=Athena%20Immersion%20(Standard)&cd18=Netflix&cd19=1026616_Netflix%20-%20Bardo&cd11=&cd21=6148324234&cd22=138417154843&cd23=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&cd24=&cd1=598968&cd2=30&z=1816871830
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 21:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63784
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cenw.js
dts.clnmde.com/ Frame 4373 		36 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dts.clnmde.com/cenw.js
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
8f3347564b1cf14fc65eb1d66b2e0941a735c0c81a837f50bd715bed98e451c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pxlclnmdecom-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
via
1.1 google
etag
W/"24-2q4z2yecqYwPBi/GNTcLkg"
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
36
alt-svc
clear
8c63bb60-6d44-46f6-9dda-d82253be4c66.jpg
cvision.media.net/new/140x110/2/177/57/52/ Frame EF1B 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/140x110/2/177/57/52/8c63bb60-6d44-46f6-9dda-d82253be4c66.jpg?v=9
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5803cf9fff8491b4b53e3c974734604a2e7ef841325a7d16e8515f5e02fa0ce7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 14:57:39 GMT
last-modified
Thu, 22 Mar 2018 21:11:54 GMT
server
nginx
etag
"5ab41c1a-49ac"
content-type
image/jpeg
accept-ranges
bytes
content-length
18860
truncated
/ Frame EF1B 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
afaccaf0-1e2d-4de4-89b9-2e62fef38391.jpg
cvision.media.net/new/140x110/3/95/255/43/ Frame EF1B 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/140x110/3/95/255/43/afaccaf0-1e2d-4de4-89b9-2e62fef38391.jpg?v=9
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9af73bad8550ce4999a7e00775bce7b84d4db635c6fbea7d3bc991053f112e24

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
last-modified
Wed, 21 Mar 2018 10:52:40 GMT
server
nginx
accept-ranges
bytes
etag
"5ab23978-43b2"
content-length
17330
content-type
image/jpeg
0c68cc52-666d-48f3-b090-7d23f5b75e17.jpg
cvision.media.net/new/140x110/3/72/42/210/ Frame EF1B 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/140x110/3/72/42/210/0c68cc52-666d-48f3-b090-7d23f5b75e17.jpg?v=9
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fb5a12af021931567eb06bfe3c613f4a0e0bf2a3ba6ecfb008286b9114b5cda7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
last-modified
Mon, 09 Apr 2018 20:31:21 GMT
server
nginx
accept-ranges
bytes
etag
"5acbcd99-32cb"
content-length
13003
content-type
image/jpeg
ef7b0b0d-58d6-43be-a1bf-d86c1a052f62.jpg
cvision.media.net/new/140x110/2/50/92/135/ Frame EF1B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/140x110/2/50/92/135/ef7b0b0d-58d6-43be-a1bf-d86c1a052f62.jpg?v=9
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
71ddccf5ad2a834a802475f8dcdce1775829a2d8e7fab01f3f03ecf6494e3fe6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
last-modified
Wed, 21 Mar 2018 12:43:47 GMT
server
nginx
accept-ranges
bytes
etag
"5ab25383-3052"
content-length
12370
content-type
image/jpeg
truncated
/ Frame EF1B 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EF1B 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Bold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/ Frame EF1B 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.44.133.31 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07

Request headers

Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
Origin
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Unused62
8096267
Date
Thu, 15 Dec 2022 14:57:39 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-6478"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25720
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1A7C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOgYKL277LHzKtyM5K7sAmA&google_cver=1&google_push=AavPq0OxhpDos-CM5QA7WuScH_Z9q4C6_DCy5JHKqomJxCMCcdZOP_pEvF3BjP_zSXSSaFbq4AViuCWRgqQu2CMfm3IBJ_INNKvD9...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzU2MDU2NzQ1NzYxMjM5MDYwMw==&gdpr=0&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEOgYKL277LHzKtyM5K7sAmA&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEOgYKL277LHzKtyM5K7sAmA&google_cver=1
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEOgYKL277LHzKtyM5K7sAmA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1A7C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEK_-ASEegbK6jlCT9UrMuI8&google_cver=1&google_push=AavPq0PAjlx40gj1K0RF2AjSsC3EngC-NdLEOp3oE8NIdPHpm7YdSm2aZtGByIXwQNTZlD0r-SCmPvx...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=N8aEy5eYTdK8WRNf5qfYtGObNds
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=N8aEy5eYTdK8WRNf5qfYtGObNds
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:38 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=N8aEy5eYTdK8WRNf5qfYtGObNds
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 1A7C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOkcg7MpbOwm_CYGl3GA520&google_cver=1&google_push=AavPq0PYhCa97KVsng9WPRDMTi6vVTidCOEsUlYf2UrhjVuYrr7CfKxo6I0V42ZhUmmF1P7thUG...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQN0dSUjAtMjMtNEJVQw==&google_push=AavPq0PYhCa97KVsng9WPRDMTi6vVTidCOEsUlYf2UrhjVuYrr7CfKxo6I0V42ZhUmmF1P7thUG6l9Ez3TAH5emJp_6Y1TFw-2ZtD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQN0dSUjAtMjMtNEJVQw==&google_push=AavPq0PYhCa97KVsng9WPRDMTi6vVTidCOEsUlYf2UrhjVuYrr7CfKxo6I0V42ZhUmmF1P7thUG6l9Ez3TAH5emJp_6Y1TFw-2ZtD9CW66z3x8iQArb9mFs4qfW5A76vugFqEy2wiRu1psGQBA
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJQN0dSUjAtMjMtNEJVQw==&google_push=AavPq0PYhCa97KVsng9WPRDMTi6vVTidCOEsUlYf2UrhjVuYrr7CfKxo6I0V42ZhUmmF1P7thUG6l9Ez3TAH5emJp_6Y1TFw-2ZtD9CW66z3x8iQArb9mFs4qfW5A76vugFqEy2wiRu1psGQBA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1A7C
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEHJFlxJgAxrIqU1g99eCXvA&google_cver=1&google_push=AavPq0OK2PQ5tFfnCQFgtgmO1Tyq4TwKHeR4MdusOW645w2CMF9UmP_QijQfjl81vfalllSYqEF0PIZuqa4dbwOgqyye0p...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=SwOwBXk1T2mMIERnGlfTnA&google_push=AavPq0OK2PQ5tFfnCQFgtgmO1Tyq4TwKHeR4MdusOW645w2CMF9UmP_QijQfjl81vfalllSYqEF0PIZuqa4dbwO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=SwOwBXk1T2mMIERnGlfTnA&google_push=AavPq0OK2PQ5tFfnCQFgtgmO1Tyq4TwKHeR4MdusOW645w2CMF9UmP_QijQfjl81vfalllSYqEF0PIZuqa4dbwOgqyye0pPBL8E_YuUmAzTVLSBzuhk4XzJjVhlgKgxeR9EFek6Q0OGZ1KJZgQ
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=SwOwBXk1T2mMIERnGlfTnA&google_push=AavPq0OK2PQ5tFfnCQFgtgmO1Tyq4TwKHeR4MdusOW645w2CMF9UmP_QijQfjl81vfalllSYqEF0PIZuqa4dbwOgqyye0pPBL8E_YuUmAzTVLSBzuhk4XzJjVhlgKgxeR9EFek6Q0OGZ1KJZgQ
access-control-allow-origin
*
date
Thu, 15 Dec 2022 14:57:39 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 1A7C
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESECKw82GAbjtPBQTIhFz6kXI&google_cver=1&google_push=AavPq0NZaNKhr1O6NFMxq1OOfZEqLEVTgPTVoOFr499UlYOuWtFjDkFoZxev8TgZtbIvjYkI_s6xq...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0NZaNKhr1O6NFMxq1OOfZEqLEVTgPTVoOFr499UlYOuWtFjDkFoZxev8TgZtbIvjYkI_s6xqO_BAsZGMBCCQq4oxDit6jX9q9OaRltIaw2iYM1666u0zJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0NZaNKhr1O6NFMxq1OOfZEqLEVTgPTVoOFr499UlYOuWtFjDkFoZxev8TgZtbIvjYkI_s6xqO_BAsZGMBCCQq4oxDit6jX9q9OaRltIaw2iYM1666u0zJFxjUlDykUxBS7yOZKHmbUt&google_hm=WTVzMTJNQ281c3NBQUkzbnhhZ0FBQUFB
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 15 Dec 2022 14:57:39 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESECKw82GAbjtPBQTIhFz6kXI&google_cver=1&google_push=AavPq0NZaNKhr1O6NFMxq1OOfZEqLEVTgPTVoOFr499UlYOuWtFjDkFoZxev8TgZtbIvjYkI_s6xqO_BAsZGMBCCQq4oxDit6jX9q9OaRltIaw2iYM1666u0zJFxjUlDykUxBS7yOZKHmbUt","cluster_id":0,"gdpr":false,"ipv4":"5.181.234.158","key":"Y5s12MCo5ssAAI3nxagAAAAA","privacy_sensitive":false,"uid":"Y5s12MCo5ssAAI3nxagAAAAA","upstream_id":"a-ad40001"}
X-SO-Key
Y5s12MCo5ssAAI3nxagAAAAA
X-SO-Upstream-ID
a-ad40001
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
a-ad40001.dc2p.scaleout.jp
X-SO-UID
Y5s12MCo5ssAAI3nxagAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
5.181.234.158
X-SO-Cluster-ID
0
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AavPq0NZaNKhr1O6NFMxq1OOfZEqLEVTgPTVoOFr499UlYOuWtFjDkFoZxev8TgZtbIvjYkI_s6xqO_BAsZGMBCCQq4oxDit6jX9q9OaRltIaw2iYM1666u0zJFxjUlDykUxBS7yOZKHmbUt&google_hm=WTVzMTJNQ281c3NBQUkzbnhhZ0FBQUFB
Cache-Control
private
X-SO-Ads-Time
5
X-SO-LB-Hostname
a-tgng40007.dc2p.scaleout.jp
pixel
cm.g.doubleclick.net/ Frame 1A7C
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEC5tOzuda_Ysvqz46yJVFBM&google_cver=1&google_push=AavPq0NJ3TqC-xcIx3apkc-Tr36y0_7Tymf0Qi7vWxT31mnPemzTNweK2TypFP8Lo0BuuufaliEUydlIcWofT-deaB6Sz-oQrgC8K...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0NJ3TqC-xcIx3apkc-Tr36y0_7Tymf0Qi7vWxT31mnPemzTNweK2TypFP8Lo0BuuufaliEUydlIcWofT-deaB6Sz-oQrgC8K5sVG0JA5_MyTe4OAz2EPbkL00MkBs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0NJ3TqC-xcIx3apkc-Tr36y0_7Tymf0Qi7vWxT31mnPemzTNweK2TypFP8Lo0BuuufaliEUydlIcWofT-deaB6Sz-oQrgC8K5sVG0JA5_MyTe4OAz2EPbkL00MkBsUFX2fUZy3IiTgwxg&google_hm=cc407a3660b54702de1c1bc3b50ecdcb
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0NJ3TqC-xcIx3apkc-Tr36y0_7Tymf0Qi7vWxT31mnPemzTNweK2TypFP8Lo0BuuufaliEUydlIcWofT-deaB6Sz-oQrgC8K5sVG0JA5_MyTe4OAz2EPbkL00MkBsUFX2fUZy3IiTgwxg&google_hm=cc407a3660b54702de1c1bc3b50ecdcb
date
Thu, 15 Dec 2022 14:57:39 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame 1A7C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEF9EKeAEOOPlXAKJKsjRXi4&google_cver=1&google_push=AavPq0PHH8LJSs6VwLTHw5KlEXCmQTuGvkCk1IuZZGBICaqadVJQccHgpEs8PM2xthXTlLzhWWJ8...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=vzZkBB0MR2qUb0Q3RFKhjw==&no_redirect=1&google_push=AavPq0PHH8LJSs6VwLTHw5KlEXCmQTuGvkCk1IuZZGBICaqadVJQcc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=vzZkBB0MR2qUb0Q3RFKhjw==&no_redirect=1&google_push=AavPq0PHH8LJSs6VwLTHw5KlEXCmQTuGvkCk1IuZZGBICaqadVJQccHgpEs8PM2xthXTlLzhWWJ871xLk4k5ANKOXdr_CicQ9RDlumBIPPCyh3RjWRvc9mTNHSn8HZT776u6fvfyTalQt8GAfnE
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=vzZkBB0MR2qUb0Q3RFKhjw==&no_redirect=1&google_push=AavPq0PHH8LJSs6VwLTHw5KlEXCmQTuGvkCk1IuZZGBICaqadVJQccHgpEs8PM2xthXTlLzhWWJ871xLk4k5ANKOXdr_CicQ9RDlumBIPPCyh3RjWRvc9mTNHSn8HZT776u6fvfyTalQt8GAfnE
date
Thu, 15 Dec 2022 14:57:39 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 1A7C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LAPG2U_6O-1OvQRyvS09qWG9I9rzVLSidn7N0qH5IAPgLJD-zZo1q76Hf4IJMqxUUGsdxHbA
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
928f9f14-367c-4a0e-8123-4f38d742cf27.jpg
cvision.media.net/new/140x110/2/179/213/11/ Frame 45D6 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/140x110/2/179/213/11/928f9f14-367c-4a0e-8123-4f38d742cf27.jpg?v=9
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0d58070cbaf6fcd1842cfbdfa2415afbc8463a894d7bacd7f395789e7ebcb6fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
last-modified
Tue, 20 Mar 2018 14:30:09 GMT
server
nginx
accept-ranges
bytes
etag
"5ab11af1-3564"
content-length
13668
content-type
image/jpeg
truncated
/ Frame 45D6 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
adb3478e-c94c-4cdb-9882-fa384ccec861.jpg
cvision.media.net/new/140x110/3/178/41/161/ Frame 45D6 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/140x110/3/178/41/161/adb3478e-c94c-4cdb-9882-fa384ccec861.jpg?v=9
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0d8d4465dfe26cc7f993263332190ae8562c8f15977b6228b08358e35e2eb72f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 14:57:39 GMT
last-modified
Fri, 23 Mar 2018 04:28:17 GMT
server
nginx
etag
"5ab48261-44f6"
content-type
image/jpeg
accept-ranges
bytes
content-length
17654
2c2c1fbd-fcc0-4937-be9e-f342bbcdfbf2.jpg
cvision.media.net/new/140x110/3/110/104/193/ Frame 45D6 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/140x110/3/110/104/193/2c2c1fbd-fcc0-4937-be9e-f342bbcdfbf2.jpg?v=9
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
26168261b96488292ea815558bdf42c2f32047e452aed9fafd44ea7278b564ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
date
Thu, 15 Dec 2022 14:57:39 GMT
last-modified
Fri, 23 Feb 2018 19:58:48 GMT
server
nginx
etag
"5a907278-3b2b"
content-type
image/jpeg
accept-ranges
bytes
content-length
15147
f56e15f6-afdf-4802-b083-be635fcc04bf.jpg
cvision.media.net/new/140x110/2/1/176/249/ Frame 45D6 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cvision.media.net/new/140x110/2/1/176/249/f56e15f6-afdf-4802-b083-be635fcc04bf.jpg?v=9
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.144.21 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-144-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8b075e2b402801e3bc84ffd15fa18f2d30715c11f83cc5a85e3a52b5a79da5ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
last-modified
Sun, 01 Apr 2018 08:51:27 GMT
server
nginx
accept-ranges
bytes
etag
"5ac09d8f-33ad"
content-length
13229
content-type
image/jpeg
truncated
/ Frame 45D6 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 45D6 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Bold.woff
res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/ Frame 45D6 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://res-a.akamaihd.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.44.133.31 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07

Request headers

Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
Origin
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Unused62
8096267
Date
Thu, 15 Dec 2022 14:57:39 GMT
Last-Modified
Mon, 16 May 2016 10:39:41 GMT
Server
nginx
ETag
"5739a36d-6478"
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25720
pixel
cm.g.doubleclick.net/ Frame 6372
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESEJosleSftep9DQN0QDhc2K8&google_cver=1&google_push=AavPq0OZ7RPOd3LeE-UkIYg3h_hjBGgGCdqyZZfaHSpqgn68Y0J0z5WP9MNmkhkPeMoFYmFdIpAppJT6hBtwISoDaWbKBUCmlFNp
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AavPq0OZ7RPOd3LeE-UkIYg3h_hjBGgGCdqyZZfaHSpqgn68Y0J0z5WP9MNmkhkPeMoFYmFdIpAppJT6hBtwISoDaWbKBUCmlFNp&google_cver=1&googl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AavPq0OZ7RPOd3LeE-UkIYg3h_hjBGgGCdqyZZfaHSpqgn68Y0J0z5WP9MNmkhkPeMoFYmFdIpAppJT6hBtwISoDaWbKBUCmlFNp&google_cver=1&google_gid=CAESEJosleSftep9DQN0QDhc2K8&google_hm=UTcyNDQwMjY1NTEwOTE2MjE5NDRQ
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 15 Dec 2022 14:57:39 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AavPq0OZ7RPOd3LeE-UkIYg3h_hjBGgGCdqyZZfaHSpqgn68Y0J0z5WP9MNmkhkPeMoFYmFdIpAppJT6hBtwISoDaWbKBUCmlFNp&google_cver=1&google_gid=CAESEJosleSftep9DQN0QDhc2K8&google_hm=UTcyNDQwMjY1NTEwOTE2MjE5NDRQ
Content-Type
text/html
Cache-Control
max-age=28279
Connection
keep-alive
Content-Length
154
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 6372 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJ0692vYqU1d2uB1zoh138w&google_cver=1&google_push=AavPq0M7TjtJCyWTGQ-ruxtnwMIVx0r4OsXNcBXMuar6R6x37_ggIPomTiE5h_I5tD6nm2I26HdeZX9XlYPmWsskNXiNmq5dgkRV
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 6372
Redirect Chain
  • https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEIqFtQryKZ8OfB-cdHgWev0&google_cver=1&google_push=AavPq0MRFJNAe54J-sqgPkHMkBy4mnesV0bFuwfHDjjkxP9ZW700dsBf78EG5lNuloNu-kPQCXrhTNifYUFKRlTmZJE_g...
  • https://cm.g.doubleclick.net/pixel?google_nid=adtheorent&google_hm=zTAT8XyIEe2SwRIIF0Y8jw&google_push=AavPq0MRFJNAe54J-sqgPkHMkBy4mnesV0bFuwfHDjjkxP9ZW700dsBf78EG5lNuloNu-kPQCXrhTNifYUFKRlTmZJE_gU9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adtheorent&google_hm=zTAT8XyIEe2SwRIIF0Y8jw&google_push=AavPq0MRFJNAe54J-sqgPkHMkBy4mnesV0bFuwfHDjjkxP9ZW700dsBf78EG5lNuloNu-kPQCXrhTNifYUFKRlTmZJE_gU910lzX&google_redir=https%3A%2F%2Frtb.adentifi.com%2FCookieSyncAdXCheck&google_ula=6802874232
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=adtheorent&google_hm=zTAT8XyIEe2SwRIIF0Y8jw&google_push=AavPq0MRFJNAe54J-sqgPkHMkBy4mnesV0bFuwfHDjjkxP9ZW700dsBf78EG5lNuloNu-kPQCXrhTNifYUFKRlTmZJE_gU910lzX&google_redir=https%3A%2F%2Frtb.adentifi.com%2FCookieSyncAdXCheck&google_ula=6802874232
date
Thu, 15 Dec 2022 14:57:39 GMT
content-length
0
content-type
text/plain
pixel
cm.g.doubleclick.net/ Frame 6372
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJ_1qR3nVUiEh7Gv4mJTgcA&google_cver=1&google_push=AavPq0NnIQuFFTYVoE98cFChIbsxmynta9SXrCCptx-yz9JdTmD7Odz2xsYWwz1BouGmjSlwihTmmizv...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwOTEzMDgxMDYzNzc2NTU1OA&google_push=AavPq0NnIQuFFTYVoE98cFChIbsxmynta9SXrCCptx-yz9JdTmD7Odz2xsYWwz1BouGmjSlwihTmmi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwOTEzMDgxMDYzNzc2NTU1OA&google_push=AavPq0NnIQuFFTYVoE98cFChIbsxmynta9SXrCCptx-yz9JdTmD7Odz2xsYWwz1BouGmjSlwihTmmizvOn3FEnwJkksxpNj3ivI
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwOTEzMDgxMDYzNzc2NTU1OA&google_push=AavPq0NnIQuFFTYVoE98cFChIbsxmynta9SXrCCptx-yz9JdTmD7Odz2xsYWwz1BouGmjSlwihTmmizvOn3FEnwJkksxpNj3ivI
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6372
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESENV_ln7JrvMhxgwCuIH6AHc&c_param1=AavPq0N1xkA9ii5dQent-LYdDNkDvIjzsH0mHU48evVuoR9SrAyLS3xQK6q3aliRJcsZXaHX-nUpYTSUMbKY_2qzrCp5-DJwdMKD&gdpr=%%GDPR%%&...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0N1xkA9ii5dQent-LYdDNkDvIjzsH0mHU48evVuoR9SrAyLS3xQK6q3aliRJcsZXaHX-nUpYTSUMbKY_2qzrCp5-DJwdMKD
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0N1xkA9ii5dQent-LYdDNkDvIjzsH0mHU48evVuoR9SrAyLS3xQK6q3aliRJcsZXaHX-nUpYTSUMbKY_2qzrCp5-DJwdMKD
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AavPq0N1xkA9ii5dQent-LYdDNkDvIjzsH0mHU48evVuoR9SrAyLS3xQK6q3aliRJcsZXaHX-nUpYTSUMbKY_2qzrCp5-DJwdMKD
date
Thu, 15 Dec 2022 14:57:39 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6372
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEZKahQGOaiUA7Cu4BQrADA&google_cver=1&google_push=AavPq0NXbS_K3y5U8ukv6pasEg2OZR8fUkqP40wQ20NFGPjVK-cBrmtvtAEa0UbHo9fso8_aWGYlIR...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AavPq0NXbS_K3y5U8ukv6pasEg2OZR8fUkqP40wQ20NFGPjVK-cBrmtvtAEa0UbHo9fso8_aWGYlIR8sMTNtltvEnKVOmIbu-BHm&google_hm=MTc0MzE3NT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AavPq0NXbS_K3y5U8ukv6pasEg2OZR8fUkqP40wQ20NFGPjVK-cBrmtvtAEa0UbHo9fso8_aWGYlIR8sMTNtltvEnKVOmIbu-BHm&google_hm=MTc0MzE3NTQ1MDI5MDA4NjI2MQ%3D%3D
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AavPq0NXbS_K3y5U8ukv6pasEg2OZR8fUkqP40wQ20NFGPjVK-cBrmtvtAEa0UbHo9fso8_aWGYlIR8sMTNtltvEnKVOmIbu-BHm&google_hm=MTc0MzE3NTQ1MDI5MDA4NjI2MQ%3D%3D
date
Thu, 15 Dec 2022 14:57:38 GMT
content-length
0
report
sync.teads.tv/um/ Frame 6372
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDq45TNFBH__LLNFyBNW5yc&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZGQyZWM5MGQtNzZjMy00NDRjLWEyMGQtMGE3OTIzZGIyOTI1&google_push=AavPq0PUf7q9dyoB5uSKeqzzOGd8Af1B33g3Yb4JWfWbeIFr00cXZ_mq_SKFkJHUepGBj...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
96.16.29.148 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Thu, 15 Dec 2022 14:57:39 GMT
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6372 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUtbL7V5ptQj9ie4A9g-NWlGcVaOk4v461yjy3SQmrDWwYvCeS820OPwRzMuILcsQjGXpDnQ
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
cenw.js
dts.clnmde.com/ Frame FBEF 		36 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dts.clnmde.com/cenw.js
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
1e5c3eb06040a3eaf80ccf1649fd1c42a9f825d8b4c8b744da22577678ef8c70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pxlclnmdecom-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
via
1.1 google
etag
W/"24-LNUCPv3FdXffYZuk/7h+Sg"
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
36
alt-svc
clear
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=2&pxm=8&vz=-&zp=0&sgs=2&vb=15&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=VOXVIDINT1&ol=2170206829&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2Ca%24%3D!!ttEKm3M2fy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eWpqt6fKKwuoQf5FQ6VoADQFd0C73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-RtBeNp%2B61zA1OQ%3D%3D&sc=1&os=1-3w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=8&g=3&h=345&w=620&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=269.3807067871094&gp=80.62770080566406&zGSRC=1&gu=https%3A%2F%2Fwww.thetimestribune.com%2F&id=1&ii=4&f=0&j=http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms&t=1671116251006&de=369412274217&cu=1671116251006&m=8389&ar=67fa5e2a4e8-clean&iw=e05e03a&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=80.62770080566406&lb=10265&le=1&lf=0&lg=1&lh=97&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A952%3A952%3A10634%3A2773&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8346&cd=8346&ah=8346&am=8346&dq=8346&dr=8346&ds=8346&dt=8346&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=0&vt=0&vd=0&zMoatSRE=0.11140625&zMoatVSD=32.684&dh=30000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7581&ef=0&eg=0&rf=0&re=0&wm=1&wi=0&zMoatCustomParams=50%25%3A10000sec%3Acumulative%3Anotaudible&cl=0&at=0&d=Netflix%3A1026616_Netflix%20-%20Bardo%3A6148324234%3A138417154843&bo=thetimestribune.com&bd=thetimestribune.com&gw=voxvidint960547728228&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=90b493bf-ede3-4e64-89e9-78ce1b3c49d9&zMoatProduct=athena-immersion-standard&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&ab=3&fd=1&kt=strict&it=500&fz=1&or=0&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tc=0&fs=201243&na=1970827188&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:39 GMT
pixel.gif
voxvidint960547728228.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxvidint960547728228.s.moatpixel.com/pixel.gif?m=1&vpt=8564&iv=0&tuv=-1&ivt=0&cvt=0&fvt=0&cfvt=0&vol=0&at=0&cat=0&gmv=0&gmt=0&cgmt=0&apd=8564&dh=30000&hov=0&th=-1&d=thetimestribune.com&w=620&h=345&sp=0&bfa=1&L1id=Netflix&L2id=1026616_Netflix%20-%20Bardo&L3id=6148324234&L4id=138417154843&S1id=thetimestribune.com&S2id=thetimestribune.com&ord=1671116251006&r=369412274217&t=q1&os=0&fi2=0&div1=0&ait=0&customInView=0&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&mobile=0&bedc=1&q=4&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:39 GMT
bql.php
lg3.media.net/ Frame 45D6 		15 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5936&&&vgd_l2type=scs_newfl&fp=VRcXb58JHVbwpLBh5uk4nJlmw8bBf8S7QlBwHj7oD8YRytjHpTyxyhK4ZEOXChpFLZwcQSRr4dPh6hZiG0AgoX0WCPBDAAkc2acYE0nU5FHpl1rTozk5dPP5CuOyOGkG5M2BEV4xM3Q%3D&cme=jIV3MH3_zvuE9NstJ6w7TjyjArOpfQnosjCYAPQy08GW4E6gENzp3K69PhvAnuUc9bwMtSvevPeWstlI6FCMWyfTynvgZo-Q0kTLRIHBBgWkY_siNdnIb6vrYWXGaUz4sc4-kkqeFZKtFhpt60fraPfc1bbuVCAqljbaKvg5HkxNWjxzeIb1ygFs5QeVRbRRSaVTpA599UnyuX9Vs3vDtA%3D%3D%7C%7Cu8A6SM53vAcCukwlsaf7FsElUIj2xGuZ%7Ckq92jTMqzkyiwcu4yuNCFNT2UFW6DKWK%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7Ca0AmFUYXmD5f4J4y2Q4JXJgiKy4gNAaStcilLQbrF9Idk_JTAmvEPA%3D%3D%7CLzJOnepKGonS5oepGn2Soe1tl4GFZ5GLcYRCb4xoV3UYEAmU25-fQGMVXALY81l614DEowoNnqjgVeJDadv_lsaIm_Pa6Ln4FNH8UOEIC_184y8qRTAkMOV0ibYdO35CycxVEqxtzSS3quGr0vouXvSTmYE2IyzPPc-eikeknhkMf5f_NzSZs3C93475vKGUi2D91gmsj_DbusXEgVhXQRWeEIOWZfl687vJqo4DzGpQ31kiPJDqR0Z4uBW6iNmJ%7C&ksu=224&fdkt=390&vgde_kbbh=fuoyxQBuG&kwd[]=Best+Bank+for+a+Savings+Account&kwt[]=390&kbc[]=265%3A%3A43816&kwp[]=1&kid[]=324879789&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.67%7C12%3D4.63%7C62%3D2.53%7C10%3D2.49%7C63%3D0.10%7C60%3D10.82%7C1%3D7.75%7C2%3D19.09%7Cir%3D1%7Ciid%3D3802592%7Cps%3D0.882%7C3%3D3.13%7C4%3D4.00&ktd[]=275716899072&ktrkt[]=Best+Bank+for+a+Savings+Account&kwd[]=Vinegar+for+Hair+Loss&kwt[]=390&kbc[]=265%3A%3A44634&kwp[]=2&kid[]=179220691&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.94%7C12%3D1.12%7C62%3D1.15%7C10%3D2.49%7C63%3D0.10%7C60%3D1.22%7C1%3D1.19%7C2%3D2.30%7Cir%3D1%7Ciid%3D1119567%7Cps%3D0.882%7C3%3D0.31%7C4%3D4.00&ktd[]=275716899072&ktrkt[]=Vinegar+for+Hair+Loss&kwd[]=Dental+Plan+for+Seniors&kwt[]=232&kbc[]=0abe002c5686564337aa4e5a0eacfc80.d2s&kwp[]=3&kid[]=324681536&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.32%7C12%3D2.51%7C62%3D2.38%7C10%3D2.49%7C63%3D0.10%7C60%3D3.13%7C1%3D2.99%7C2%3D15.92%7Cir%3D1%7Ciid%3D8343551%7Cps%3D1.003%7C3%3D1.26%7C4%3D4.00&ktd[]=1126175607226624&ktrkt[]=Dental+Plan+for+Seniors&kwd[]=Whiten+Teeth+with+Baking+Soda&kwt[]=232&kbc[]=0abe002c5686564337aa4e5a0eacfc80.d2s&kwp[]=4&kid[]=183056211&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.87%7C12%3D1.42%7C62%3D0.68%7C10%3D2.49%7C63%3D0.10%7C60%3D0.33%7C1%3D0.95%7C2%3D3.12%7Cir%3D1%7Ciid%3D4599007%7Cps%3D1.003%7C3%3D0.38%7C4%3D3.44&ktd[]=1126175624003840&ktrkt[]=Whiten+Teeth+with+Baking+Soda&v=1&geo=40.72%7C-74&dlper=20&lper=100&lpid=&tsid=1&hint=&cc=US&wsip=170763299&bca=0&ugd=4&vgde_setid=Nfu&cid=8CUT4OKFR&vi=1671116258892632575&vsid=3141178480815869&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_implt=3&vgd_cage=0&vgd_l3_sc=NY&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUW5O213&vgd_hb_audit_2=905218422&vgd_pdtid=1&vgd_nrrv=4901&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=new+york&&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=11&vgd_l1rakh=1671116258162305079&sttm=1671116259010&upk=1671116259.21942&hvsid=00000167111625901000958081583650&verid=3111299&vgd_matchstr=bcat%3Dlo%2Cj3%2C150%2C133%2C3g%2Cy5%2Cmk%2C10%2Cqp%2C3r%2C11%2Ca%2C13%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2Ci%2Ci2%2Cc0%2Cs%2C3%2C149%2C4k%2C12z%2C13a%7Ccsh%3D1&sbdrId=99&vgd_vsidtv=000V10&vgd_ecrid=1700080807684000300025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO8BCW0D&&abpl=2&&kbbq=%26asn%3D9009&&vgd_vstrid=3141178480815869&vgde_bdata=~G-MjJzvuXHi~GwEv9~G8Ov9.9X9~G-M1yjf1Mjv9~G-M1Qzv9~G-MNQv9~G-MJ-Ev9.X~G-My8zQxv9~G-M81GvVKRuh~G-M8z7YOv9~G-Mjf1Qv9~G-MjeYEv99999999999999999999999999999999999999999999999999~G-MLJkMxLjv%40TwlFyLKuBYS~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvA99-fX9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vI4p3aDC~NUMkjvf~ONvyNEoxQoJ1Q7uoO~OYYMOuv9~OYYMOu9vH~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvH~OYYMOuhvf~OYYMOuWvX9~OYYMOuiv9u99~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9u~OYYMOfAv9~OYYMOfHvX~OYYMOfXvOJkMzJB~OYYMOfFv9~OYYMOfhv9~OYYMOfWv9~OYYMOfiv9.W9~OYYMOAv9.X~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOAivdQmzSG8OSyJ7aL7GDJQEmzQJ~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfvu.99~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWvH~OYYMOiv9~OYYMjv9.9uA~OYYMYuv9.9Fh~OYYMYu9v9.WfA~OYYMYuuv9.iAA~OYYMYufv9.hhi~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.H9h~OYYMYuhvu.999~OYYMYfv9.9uh~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvuf~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAXvfWAff.999~OYYMYAFvfWAff.999~OYYMYAhvH.999~OYYMYAWvH.999~OYYMYAivWifAX.iWh~OYYMYH9vuH9fWh.999~OYYMYHuvuH.WXf~OYYMYHfvfH.999~OYYMYHAvf.f9A~OYYMYHHvu.999~OYYMYHhvhiAA.999~OYYMYHWvffi9hhi.999~OYYMYXv9.WhX~OYYMYX9vXFA.999~OYYMYFvu.999~OYYMYhvu.9Wu~OYYMYivu.999~OYYMLv9.XuH~JMLEYv9.9Fh~JLEYv9.9Fh~wNv9n%2Bn9~8w1v9~875EJvKrt~LM8Evf19OoXF99o99fHo9999o9999o9999o9999o9999~LMQNvI3~LGmvXMA~LJkMNz7v9~QyY7vJYE75~Q7OvAfhuXHAfF~eGLv9~e8Q8G8j875vf~QxEEj5M71yM8Ov~e8JB1G8j875v9.Xh~1YEvu~NGOEv9.9A9~OYYvw1LYmz5~Qx8Ov%3DK4b4Ky96_7YH6oMe%3D%2F%2067tY%3DJB~O7NvJ1Q7MQN~-8OvKrtoExGoFhuWHfFfAhFuXFu9~O1jyvOJk1xj7~w7Yjvu~1OGjUvAfhuXHAfF~QmGEv9.9A~N7Lv9.9~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9X9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vH9~OmyGv9ou~8GNvu~~Y-JvyJO~Y-GzvKf&vgd_optout=0&vgd_bhv_kbb=-1&vgd_cfud=220623&vgd_scsver=373&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=501&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NY&vgd_l1rhst=contextual.media.net&hvsid=00000167111625901000958081583650&subBdr=99&bdrid=319&rc=0&rand=1671116259487&acid=79de3a0614d44d5392ee025495f4ec6a&matm=1671116259487&requrl=https%3A%2F%2Fwww.thetimestribune.com&vgd_ltimesrc=1&vgd_ltime=719&vgd_rtime=627&vgd_etm=7&vgd_l1hcsd=O7qck%7C8364&vgd_l1ch=1&vgd_lhl=4413&vgd_pgid=p1573489986t202212151457&vgd_adprefflag=11&vgd_csip=rtb-appnexus-64d76c54bd-rqf7p.SC&vgd_sbSup=1&vgd_vsidv=10&vgd_nrrs=4901&vgd_cntrdt=SF%7C6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com&vgd_eadm=1&vgd_end=1
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Date
Thu, 15 Dec 2022 14:57:39 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=15659
Connection
keep-alive
Content-Length
15
log
lg3.media.net/ Frame 7E90 		35 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CUT4OKFR&vi=1671116258892632575&hvsid=00000167111625901000958081583650&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=256&l2s_downloadTime=1&l2s_total=258&l2s_start=215&l2s_sslTime=0&l2s_trfSize=29.5&l2s_decSize=80.4&l2s_encSize=29.3&l2s_nhp=h2&l1s_dnsTime=2&l1s_connectionTime=26&l1s_waitTime=84&l1s_downloadTime=6&l1s_total=91&l1s_start=65&l1s_sslTime=16&l1s_trfSize=55.2&l1s_decSize=160.9&l1s_encSize=54.9&l1s_nhp=h2&gdpr=0
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:39 GMT
Strict-Transport-Security
max-age=21600
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Thu, 15 Dec 2022 14:57:39 GMT
ptmd
dts.clnmde.com/ Frame A717 		70 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts.clnmde.com/ptmd?t=167111625908533243488396_N4IgxmAWDWIFwG0QDYCMAWA7K1BmAHJiALoA0IADgJYAmALvEgAwnkBOApgGYCqbANg0QhWIAM5swfQYxCQ6dCmICkuAILKATADEt2gO6GAdHUgc6VALYcxdNlQBGAVwB2HI2AD2l0QDcxAPq0Qki4GDiY+Oj4TPioAKz4yACcopD+QfSyTDk5qMjYOMiaicmEOcmJsQlx6PHoomBOtpkhIPgAwjwAKugA8gDS2gBKjWy+ssAAOigYhQSYM3DTIHQAnhQcSzNgbJkzpDO+VPvwM-mF+SVRmMhMmqiYmkwHM+mBtNsguXkFOFelcpMSoxOKJDD1GYAXyhohcAENGOhNMl0MkCppkOhSHh0LFMExcMlSPFcDkovgyWQQAixPAUeQqPCfIgmNSmXS4PhGRM4EwjPFyLZ4XRmkjSLhcBLsbhBbhkBLMBLuUTSAzUMlqQAvRFwVDkCgAc3gIAm5ENkBNF3+xXiyVipNwmnQuGilPRIHI-hNyCM-Pi+U9IHh-HgUpAXDA8AAtPqQOYqFa-kUSqkhXRjXyhbA4CBrSm7QF4mgUs7ktgSkGOFQKCb4kZUHEjJpXQ3EkHfBw2CaKGxPDQq05dXGnIm9eQOL5Q4hQAjrCaHLQaF3MkGaCLdaBFzRl3taCawmnTSd97n8wCbncHk8WDDSLPmRwTfCwPvyOu6Jvg6+B7nI9FcFuAN8BoDAOHhRJuDQZIUXiMB4iYBxnXwDsT1-PNkwvLAr0eZ4QBhakKG9RBqTEfhbCTS5bXtTAGnIfguHgOMmhaU92i6XpBhGVDVzPTDbUve5cJYc0oz1fjU2KcMAEcn3HCMx00KEgA
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
bql.php
lg3.media.net/ Frame EF1B 		15 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5928&&&vgd_l2type=scs_newfl&fp=VRcXb58JHVbwpLBh5uk4nJlmw8bBf8S7QlBwHj7oD8YRytjHpTyxyhK4ZEOXChpFLZwcQSRr4dPh6hZiG0AgoX0WCPBDAAkc2acYE0nU5FHpl1rTozk5dPP5CuOyOGkG5M2BEV4xM3Q%3D&cme=SvRUeXBvSU0en1gm9GBF4CMLBsrAUaDSbTfi1ql5RerA4BT4zZgRvZdNad_Udwo57_rF9zFykNqgdEiJhOyWtBrfuZaGVXKq7tbMWzQZNG7LKkaoEufJS4_hLL9WJKvpCd9tztbjMTVnNEnKANqvGDtHU6_98rMT-9FIeVVYe52BbgU26gxWrLVCaToKNsqE0nsA2QFOW9dION0zWcsDDQ%3D%3D%7C%7Ca0AmFUYXmD5f4J4y2Q4JXJgiKy4gNAaStcilLQbrF9Idk_JTAmvEPA%3D%3D%7CYc94iwEvB4IR0t-OuGt28b1jN7VBGGBpbic7hwfRWw3o-K6siShMh24YamD0GQlgwabis2C_VzS0KlowPsVywCs2-5j1GKPTXwBcoE0YsJcHQIb2aHrN8sgCxdbRDYymM5sqRb5FHMtRDt37dE3XoxdymhXpXVsAkQC286qYOARVokbRJT_N42xRfXcBL7rTCnPka5_zaIYo2U-WcMqImyNlla1o5GQM8yluD14qmZ6ZorHMi1wMxWp-Gyo3Grac%7Cu8A6SM53vAcCukwlsaf7FsElUIj2xGuZ%7Ckq92jTMqzkyiwcu4yuNCFNT2UFW6DKWK%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7C&ksu=224&fdkt=390&vgde_kbbh=fuoyxQBuG&kwd[]=New+Dallas+Cowboys+Jerseys&kwt[]=390&kbc[]=265%3A%3A3466&kwp[]=1&kid[]=321185604&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.87%7C63%3D0.10%7C12%3D0.43%7C62%3D2.52%7C60%3D2.40%7C10%3D2.49%7C1%3D2.42%7C2%3D7.87%7Cir%3D1%7Ciid%3D1502490%7Cps%3D0.882%7C3%3D0.97%7C4%3D4.00&ktd[]=275716899072&ktrkt[]=New+Dallas+Cowboys+Jerseys&kwd[]=Best+Car+Insurance+Companies&kwt[]=232&kbc[]=0abe002c5686564337aa4e5a0eacfc80.d2s&kwp[]=2&kid[]=48806540&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.32%7C63%3D0.10%7C12%3D3.42%7C62%3D0.95%7C60%3D2.89%7C10%3D2.49%7C1%3D2.93%7C2%3D12.75%7Cir%3D1%7Ciid%3D2854724%7Cps%3D1.003%7C3%3D1.04%7C4%3D4.00&ktd[]=1126175624003840&ktrkt[]=Best+Car+Insurance+Companies&kwd[]=Dental+Plan+for+Seniors&kwt[]=232&kbc[]=0abe002c5686564337aa4e5a0eacfc80.d2s&kwp[]=3&kid[]=324681536&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.32%7C63%3D0.10%7C12%3D2.51%7C62%3D2.38%7C60%3D3.13%7C10%3D2.49%7C1%3D2.99%7C2%3D15.92%7Cir%3D1%7Ciid%3D5675344%7Cps%3D1.003%7C3%3D1.26%7C4%3D4.00&ktd[]=1126175607226624&ktrkt[]=Dental+Plan+for+Seniors&kwd[]=Best+SUV+Cars&kwt[]=232&kbc[]=0abe002c5686564337aa4e5a0eacfc80.d2s&kwp[]=4&kid[]=205788473&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.05%7C63%3D0.10%7C12%3D0.45%7C62%3D1.26%7C60%3D0.17%7C10%3D2.49%7C1%3D0.37%7C2%3D1.60%7Cir%3D1%7Ciid%3D2790269%7Cps%3D1.003%7C3%3D0.37%7C4%3D3.50&ktd[]=275448725760&ktrkt[]=Best+SUV+Cars&v=1&geo=40.72%7C-74&dlper=20&lper=100&lpid=&tsid=1&hint=&cc=US&wsip=170762532&bca=0&ugd=4&vgde_setid=Nfu&cid=8CUT4OKFR&vi=1671116258476021720&vsid=3141178480815869&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_implt=3&vgd_cage=0&vgd_l3_sc=NY&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUW5O213&vgd_hb_audit_2=905218422&vgd_pdtid=1&vgd_nrrv=4901&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=new+york&&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=11&vgd_l1rakh=1671116258147919901&sttm=1671116258987&upk=1671116259.28155&hvsid=00000167111625898700958081581454&verid=3111299&vgd_matchstr=bcat%3Dlo%2Cj3%2C150%2C133%2C3g%2Cy5%2Cmk%2C10%2Cqp%2C3r%2C11%2Ca%2C13%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2Ci%2Ci2%2Cc0%2Cs%2C3%2C149%2C4k%2C12z%2C13a%7Ccsh%3D1&sbdrId=99&vgd_vsidtv=000V10&vgd_ecrid=1700080807684000300025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO8BCW0D&&abpl=2&&kbbq=%26asn%3D9009&&vgd_vstrid=3141178480815869&vgde_bdata=~G-MjJzvuXHW~GwEv9~G8Ov9.9f9~G-M1yjf1Mjv9~G-M1Qzv9~G-MNQv9~G-MJ-Ev9.X~G-My8zQxv9~G-M81GvVKRuh~G-M8z7YOv9~G-Mjf1Qv9~G-MjeYEv99999999999999999999999999999999999999999999999999~G-MLJkMxLjv%40TwlFyLKuBYS~G-MLwvHhr4gEdWqR~G-MLENv99u9999~G-MQ8lJvA99-fX9~G-M7MJz1GjJOv9~G-M7MJ-Ev9~G-M7Y1-vfX9~G-M7YjMQxkk8-vS~N875vI4p3aDC~NUMkjvf~ONvyNEoxQoJ1Q7uoO~OYYMOuv9~OYYMOu9vH~OYYMOuuv9~OYYMOufvu~OYYMOuAv9~OYYMOuHv9~OYYMOuXvu~OYYMOuFvH~OYYMOuhvu~OYYMOuWvuX~OYYMOuivuu99~OYYMOfv_~OYYMOfuvou~OYYMOffv9.99~OYYMOfAv9~OYYMOfHvX~OYYMOfXvTMzJB~OYYMOfFv9~OYYMOfhv9~OYYMOfWv9~OYYMOfiv9.W9~OYYMOAv9.X~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOAivdQmzSG8OSyJ7aL7GDJQEmzQJ~OYYMOHv99~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXv9~OYYMOXuv9~OYYMOXfvu.f9~OYYMOXAv9999~OYYMOXFv9~OYYMOFv9~OYYMOhv9~OYYMOWvH~OYYMOiv9~OYYMjv9.99X~OYYMYuv9.9fF~OYYMYu9v9.WfA~OYYMYuuv9.iAA~OYYMYufv9.fi9~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.999~OYYMYuFv9.H9h~OYYMYuhvu.999~OYYMYfv9.9uh~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfhvuf~OYYMYfWvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAfv9.9u9~OYYMYAHvu.999~OYYMYAXvfWAff.999~OYYMYAFvfWAff.999~OYYMYAhvH.999~OYYMYAWvH.999~OYYMYAivWifAX.iWh~OYYMYH9vuH9fWh.999~OYYMYHuvuH.WXf~OYYMYHfvfH.999~OYYMYHAvf.f9A~OYYMYHHvu.999~OYYMYHhvuf9H.999~OYYMYHWvffXWX9X.999~OYYMYXv9.WhF~OYYMYX9vuhiW.999~OYYMYFvu.999~OYYMYhv9.H9A~OYYMYivu.999~OYYMLv9.XuH~JMLEYv9.9fF~JLEYv9.9fF~wNv9n%2Bn9~8w1v9~875EJvKrt~LM8Evf19OoXF99o99fHo9999o9999o9999o9999o9999~LMQNvI3~LGmvXMA~LJkMNz7v9~QyY7vJYE75~Q7OvAfhuXHAA9~eGLv9~e8Q8G8j875vf~QxEEj5M71yM8Ov~e8JB1G8j875v9.uW~1YEvu~NGOEv9.9uH~OYYvw1LYmz5~Qx8Ov%3DK4b4Ky96_7YH6oMe%3D%2F%2067tY%3DJB~O7NvJ1Q7MQN~-8OvKrtoExGoFhuWHfFfAhFuXFu9~O1jyvOJk1xj7~w7Yjvu~1OGjUvAfhuXHAA9~QmGEv~N7Lv9.9~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vA9~OmyGv9ou~8GNvu~~Y-JvyJO~Y-GzvKf&vgd_optout=0&vgd_bhv_kbb=-1&vgd_cfud=220623&vgd_scsver=373&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=501&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NY&vgd_l1rhst=contextual.media.net&hvsid=00000167111625898700958081581454&subBdr=99&bdrid=319&rc=0&rand=1671116259441&acid=fc48376518d14ea58ef619295c50b248&matm=1671116259441&requrl=https%3A%2F%2Fwww.thetimestribune.com&vgd_ltimesrc=1&vgd_ltime=807&vgd_rtime=584&vgd_etm=17&vgd_l1hcsd=O7qck%7C8364&vgd_l1ch=1&vgd_lhl=4409&vgd_pgid=p1573489986t202212151457&vgd_adprefflag=11&vgd_csip=rtb-appnexus-64d76c54bd-92wlc.SC&vgd_sbSup=1&vgd_vsidv=10&vgd_nrrs=4901&vgd_cntrdt=SF%7C6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com&vgd_eadm=1&vgd_end=1
Requested by
Host: thetimestribune.com.admin-us2.cas.ms
URL: http://thetimestribune.com.admin-us2.cas.ms/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security
max-age=21600
Date
Thu, 15 Dec 2022 14:57:39 GMT
Server
Apache
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=15659
Connection
keep-alive
Content-Length
15
ptmd
dts.clnmde.com/ Frame 7E90 		70 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts.clnmde.com/ptmd?t=167111625916333981181190_N4IgxmAWDWIFwG0QDYCMAWA7K1BmAHJiALoA0IADgJYAmALvEgAwnkBOApgGYCqbANg0QhWIAM5swfQYxCQ6dCmICkuAILKATADEt2gO6GAdHUgc6VALYcxdNlQBGAVwB2HI2AD2l0QDcxAPq0Qki4GDiY+Oj4TPioAKz4yACcopD+QfSyTDk5qMjYOMia8clMqLnJibEJ+LjI8Sxk4E62mSEg+ADCPAAq6ADyANLaAEqiYGy+ssAAOigYhQSY83BzIHQAnhQcq-OTmfOk875Uh-Dz+YX5Jfj4yZrIuCWY8Ufz6YG0eyC5eQU4G6lcqVapxRL1RrzAC+0NELgAhox0JpkuhkgVHuhSHh0LFMExcMlSPFcDkonUmM1EWJ4KjyFQET5EFSGQjaXB8AzpnAmEZ4uRbAi6K1kaRcLhxdjcAL6uLMOKuUTSPTUMlmgAvJFwVDkCgAc3gIGm5H1kCNV0BxVK+QlRLiqAdZRA5H8RuQRj58XyLpACP48ElIC4YHgAFpdSBzFQLQCiiVUoK6IbeYLYHAQJb46UAvFNFF0NFypp0L6OFQKEb4kZHagjJpcOga4lfb4OGwjRQ2J4aGWnNrI04YzryBxfAHEKBEdYjQ5aDR25lfTRhdrQHOaAu2EuM2FE8azrRY9drXcHk8XvEQLDSFOmRwjQiwEfyCu6Gu-c-exnMMkF7gESYNB0BoQsaFJB4OA4JgSnReIuHQDgwGQJFXUPb9MzjIEz0eZ54lea9oWaCg3UQZoxH4WxjytBMEn3fguHgSMwFaOgd06Hp+mGMZW3Q6jsxwi98KvU1Qx1LDrQxMpyAARwfEdg2HTRoSAA
Requested by
Host: 6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:39 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
ixmatch.html
js-sec.indexww.com/um/ Frame DE01 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
284
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77a008703d808ce8-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 15 Dec 2022 14:57:39 GMT
expires
Thu, 15 Dec 2022 18:57:39 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E453 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
70466
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 15 Dec 2022 14:57:39 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
10, 152580
X-Served-By
cache-lga13626-LGA, cache-ewr18156-EWR
X-Timer
S1671116260.879116,VS0,VE0
pd
us-u.openx.net/w/1.0/ Frame 0C87 		781 B
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Requested by
Host: www.americanhometownmedia.com
URL: https://www.americanhometownmedia.com/static/diberp-tcx-v7.13.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
891d2108b46ddcc676d7980b1957a27c137cfedba7ccc9548ddf237b914883ff

Request headers

Referer
https://www.thetimestribune.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
465
content-type
text/html
date
Thu, 15 Dec 2022 14:57:39 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame 0C87
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAtHk7HNmwAACIa0xycww
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAtHk7HNmwAACIa0xycww
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAtHk7HNmwAACIa0xycww
Date
Thu, 15 Dec 2022 14:57:39 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 0C87 		45 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=opx&ovsid=0a8a6d89-bba2-010c-1638-aa5616ae09e8
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.60.21 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 15 Dec 2022 14:57:40 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Thu, 15 Dec 2022 14:57:40 GMT
sd
us-u.openx.net/w/1.0/ Frame 0C87
Redirect Chain
  • https://oxp.mxptint.net/OpenX.ashx
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1B330_FAF05FF1_28747F0E
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1B330_FAF05FF1_28747F0E
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R1B330_FAF05FF1_28747F0E
Date
Thu, 15 Dec 2022 14:57:39 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-354103060; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
194
Content-Type
text/html; charset=utf-8
sync
s.cpx.to/ Frame 0C87 		95 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=829b2805-2c0a-07e3-17e1-2c94a5d684b6&dsp=OPENX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.118.88 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Date
Thu, 15 Dec 2022 14:57:40 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies
none
X-Frame-Options
sameorigin
P3P
CP="NOI DEV ADM"
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95
Expires
Thu, 15 Dec 2022 14:57:40 UTC
sd
us-u.openx.net/w/1.0/ Frame 0C87
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=dRsvu7oN1P5PFT5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=dRsvu7oN1P5PFT5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:39 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-06d5eafa116a0f8c2@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=dRsvu7oN1P5PFT5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 0C87
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5409130810637765558
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5409130810637765558
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5409130810637765558
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame 0C87
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xqrwscOsrebd-Pq1yP3kspH6--fd_fHrkf-FKKfa
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xqrwscOsrebd-Pq1yP3kspH6--fd_fHrkf-FKKfa
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=xqrwscOsrebd-Pq1yP3kspH6--fd_fHrkf-FKKfa
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0C87
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=openx&user_id=3yLTxH4SS3iz7MkrU8x80
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=4b6b3c04-894f-45f2-bf0e-86dd76fa7320&gdpr=&gdpr_consent=
Date
Thu, 15 Dec 2022 14:57:40 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 0C87
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=969470210586592007
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=969470210586592007
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=969470210586592007
Date
Thu, 15 Dec 2022 14:57:39 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame 0C87
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=EE7C2CD6447D4FB782121DE57AC7E703
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=EE7C2CD6447D4FB782121DE57AC7E703
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=8c35695d-7fe1-485d-a21c-fe8a8c79415a&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:40 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 15 Dec 2022 14:57:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=EE7C2CD6447D4FB782121DE57AC7E703
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 14 Dec 2022 14:57:39 GMT
async_usersync
ib.adnxs.com/ Frame E453 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:39 GMT
AN-X-Request-Uuid
ad19dc49-7766-4a08-af51-875a61c81cca
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame BE66 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2960e21fb329d75b82b0e597df85726d7118e8201366e520bf2abe21009d28

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77a00870d9618c8d-EWR
content-encoding
br
content-type
text/html
date
Thu, 15 Dec 2022 14:57:40 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVE2uwtez1IvwwwoQjIkczYe7dOfO6ybcWzhHgwOmOzfLpVn2TDvHhDGX%2B4Ie%2F%2B57uzkyj93aI%2FfWnDU42WyjIPXEXEUAs4Jaeg%2FjL9ZqXumXYhQZkRFjEo4%2F9tyfemJVIFA2j6YbrMziA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
crum
dsum-sec.casalemedia.com/ Frame BE66
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=57988376775515890
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=57988376775515890
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:40 GMT
AN-X-Request-Uuid
7ef4f170-0e17-479a-9a16-f70a9e2dd510
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=57988376775515890
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BE66 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:3207:2d8f:6030:21a0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame BE66
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3560567457612390603
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3560567457612390603
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3560567457612390603
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame BE66
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=25b0639b-35d8-4a00-967b-6b3a039ff7a4
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=25b0639b-35d8-4a00-967b-6b3a039ff7a4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 15 Dec 2022 14:57:40 GMT
Server
MT3 180 1fd3e2d master ord-pixel-x7 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=25b0639b-35d8-4a00-967b-6b3a039ff7a4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 15 Dec 2022 14:57:39 GMT
Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BE66
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a02:3207:2d8f:6030:21a0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y5s12O09IR_LnG-t1VrL1AAAAJEAAAIB
date
Thu, 15 Dec 2022 14:57:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame BE66
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D%28OIQ_UUID%29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7244026551091621944P
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7244026551091621944P
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 15 Dec 2022 14:57:40 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7244026551091621944P
Content-Type
text/html
Cache-Control
max-age=28278
Connection
keep-alive
Content-Length
154
crum
dsum-sec.casalemedia.com/ Frame BE66
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030002_639b35e419a87&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030002_639b35e419a87
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030002_639b35e419a87
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Thu, 15 Dec 2022 14:57:40 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030002_639b35e419a87
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
demconf.jpg
dpm.demdex.net/ Frame BE66
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y5s12O09IR-LnG.t1VrL1AAA%26145?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y5s12O09IR-LnG.t1VrL1AAA%26145
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y5s12O09IR-LnG.t1VrL1AAA%26145
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
54.236.78.230 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v044-0ffeccee0.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3/lXwlOISpo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v044-0a50520d8.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
qRDKeDOAQww=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y5s12O09IR-LnG.t1VrL1AAA%26145
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
htw-pixel.gif
cdn.indexww.com/ht/ Frame BE66 		43 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y5s12O09IR-LnG.t1VrL1AAA%26145
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.thetimestribune.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:40 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
59372
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77a00871499b8c89-EWR
content-length
43
expires
Fri, 16 Dec 2022 14:57:40 GMT
chunklist_480.m3u8
video.primis.tech/uploads/cn11/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.mp4/ 		410 B
960 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn11/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.mp4/chunklist_480.m3u8
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:6a00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1f8eb63ec968bdc9a73d07a9b40f9914d28f7d68fc148a442e1b0a42fd7b9baf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:40 GMT
via
1.1 0a35faf8a81bc2da87034be9b38a5c9a.cloudfront.net (CloudFront), 1.1 c76b66e0e074f4c1e2f882b92f4ad552.cloudfront.net (CloudFront)
x-amz-cf-pop
SLC50-C1, CMH68-P2
age
2293
x-cache
Hit from cloudfront
content-length
410
last-modified
Thu, 19 Aug 2021 01:20:36 GMT
server
nginx
etag
"d01f62e86e800ab1fd336273481afcdb"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cache-control
max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
C1DbmsEeS20ySttyOsvu35fYE24oEi9HWovfPFHvDh5BFPD86srXMQ==
expires
Fri, 16 Dec 2022 14:19:27 GMT
w_480_00000.ts
video.primis.tech/uploads/cn11/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.mp4/ 		346 KB
347 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn11/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.mp4/w_480_00000.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:6a00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d70ff8fc5ce0251d275f9360426ba9fa7a84f74274676abe0271a0ca43fe931b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:40 GMT
via
1.1 94fe3b4b13cd22608780ecba80f5ca64.cloudfront.net (CloudFront), 1.1 c76b66e0e074f4c1e2f882b92f4ad552.cloudfront.net (CloudFront)
x-amz-cf-pop
SLC50-C1, CMH68-P2
age
4545
x-cache
Hit from cloudfront
content-length
354568
last-modified
Thu, 19 Aug 2021 01:20:36 GMT
server
nginx
etag
"9c7165edc9490a8afb7d5226c516435c"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
d-rXI1pY5pe88jFMRdd1Shpu911xQMhv_cbP5rL7ZKuTfLT4Lv2_gA==
expires
Thu, 29 Dec 2022 13:41:55 GMT
a2364614-cc17-47e5-9c63-5caaea352b6d
https://www.thetimestribune.com/ 		67 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thetimestribune.com/a2364614-cc17-47e5-9c63-5caaea352b6d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
68465
Content-Type
text/javascript
pixel.gif
voxcustomdfp152282307853.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxcustomdfp152282307853.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=10131&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetimestribune.com&L1id=24002944&L2id=3104622392&L3id=6148324234&L4id=138417154843&S1id=175131904&S2id=22034734345&ord=1671116250463&r=485610234500&t=page10&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.thetimestribune.com%252F&mobile=0&click=0&customInView=0&initW=620&initH=345&initSRE=0.11140625&zMoatCONCERT=2a1f8e46-245e-4a36-be2e-21cb1041a01f&bedc=1&q=6&BSD=safe&BSC=moat_unsure&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:40 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:40 GMT
w_480_00001.ts
video.primis.tech/uploads/cn11/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.mp4/ 		490 KB
491 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn11/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.mp4/w_480_00001.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:6a00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
96e832d90b170692b585a04dbafbc08fbf446308af5221b817e3967e409f7677

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:40 GMT
via
1.1 b5a438ce0ef9bd741100c84c3520b1d4.cloudfront.net (CloudFront), 1.1 c76b66e0e074f4c1e2f882b92f4ad552.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6, CMH68-P2
age
4544
x-cache
Hit from cloudfront
content-length
501772
last-modified
Thu, 19 Aug 2021 01:20:36 GMT
server
nginx
etag
"6a688ab7b061f0084e9d1b38e3494816"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
VxAtsrsDQzaf5UntCj_HKpCPRHWBlO_UVi4CdVIzCbfcA_5OXxD3TA==
expires
Thu, 29 Dec 2022 13:41:56 GMT
w_480_00002.ts
video.primis.tech/uploads/cn11/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.mp4/ 		393 KB
394 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn11/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.mp4/w_480_00002.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:6a00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ea29de266e7016f213d7b97ce84c21f264f8b7d203273fb368821b17effa0788

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:40 GMT
via
1.1 ea419f8269940bd7231c70acd36c430c.cloudfront.net (CloudFront), 1.1 c76b66e0e074f4c1e2f882b92f4ad552.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2, CMH68-P2
age
4543
x-cache
Hit from cloudfront
content-length
402320
last-modified
Thu, 19 Aug 2021 01:20:36 GMT
server
nginx
etag
"8870acc04a159899d7915bd24733e50e"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
M4Yhp5pEJwgqse8W-da5DpzFLr1KemyPtlusS6wMFrREkvIHw9FJ1w==
expires
Thu, 29 Dec 2022 13:41:57 GMT
async_usersync
ib.adnxs.com/ Frame E453 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 15 Dec 2022 14:57:40 GMT
AN-X-Request-Uuid
f3b3c923-abba-4840-a9a3-b05c163c3a53
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
5.181.234.158; 5.181.234.158; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
voxcustomdfp152282307853.s.moatpixel.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://voxcustomdfp152282307853.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=10077&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thetimestribune.com&L1id=24002944&L2id=3104622392&L3id=6148324234&L4id=138417154843&S1id=175131904&S2id=22034734345&ord=1671116250170&r=613832435777&t=page10&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fwww.thetimestribune.com%252F&mobile=0&click=0&customInView=0&initW=620&initH=345&initSRE=0.11140625&zMoatCONCERT=35745b72-b3fc-4271-b75b-f6cb8b4efcfc&bedc=1&q=6&BSD=safe&BSC=moat_unsure&nu=0&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.72.145.167 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-72-145-167.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Thu, 15 Dec 2022 14:57:41 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 15 Dec 2022 14:57:41 GMT
w_480_00003.ts
video.primis.tech/uploads/cn11/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.mp4/ 		493 KB
494 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn11/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.mp4/w_480_00003.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:6a00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7e83bdbd9885eccc415e416868155c2b5abb8adb024e01cc7ce8201a1b8be84b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:41 GMT
via
1.1 4a131d14342c4d4b1feadf6574ec0876.cloudfront.net (CloudFront), 1.1 c76b66e0e074f4c1e2f882b92f4ad552.cloudfront.net (CloudFront)
x-amz-cf-pop
DFW56-P2, CMH68-P2
age
87145
x-cache
Hit from cloudfront
content-length
505156
last-modified
Thu, 19 Aug 2021 01:20:36 GMT
server
nginx
etag
"e33505ee103d1441b6fa7c0edfab6d34"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
uMYhrQkw0K9kSvPX1rKHghtsZBcagYi6suevzu-qP8-T27sbPcLnyA==
expires
Wed, 28 Dec 2022 14:45:16 GMT
ptmd
dts.clnmde.com/ Frame A717 		70 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts.clnmde.com/ptmd?t=167111625908533243488396_N4IgpgHiBcIAwgDQgM4GMD2MQEYBsA7DsXgEwCsAnAPrl76WkAslRFSqmAZjDsuhgAu2fERIUadBs1Y4K1ABwAjUnAUElOOKTSUwAZjDkuXMABMcaHEwILzy2xwGCe0PpyFnsAOQCCTzEEzVwBaUmQwAGsAQ2wLNAImLnI4EII0BQUQ4nMQvS5okKUuJiZyBVYDNDwOKKVeZDQANxRsYAAdEAAbDDRoruoUQQwAJ2iAczBO6E74xOTU9MzsnFz8wuLS8sr9as7ETpQwFBQASwwAO0Hhscnp2ct5lLSMrJyzPLACopKyioIqnh9p1MBhIqcwNQzNFBNF7iA5klnks3qsPusflt-oDOgBfWr9GAAbQAuhFogAHYkgcgAOhwChwtNI+iY9PKIDJIAAtgBPYlEvhwRD6ODC4UUOAkrkAdwAjsSuXyRorGty0PVYPQbMR9OoOGgRtyqdAibhCMR8BQFDY8NocARVNRudFTlccJzkP1hKapfwsG5kKcmjBwqhYYIAK6tU0sxAMkXxyhcgBesUDIAp42wIeQ4wAFiILeIqGpyPp9MxWZl9JQasgWtg8LS4LTyPgOIToPpkFw0DBshFBKci2IrVQnIJs9BhahIqPLWQqLR6HhGCw2ORaqcTTT6Yzmaz2QoOE0wCrYBSRhgvBFI+n3JGRxmwE0usTQBdotywNglKczDMc9qAAjhoVhGBQH-QDgNA2B9BwShT1OECvFgURF2tW17UdBBcVxRBP2-X9YGiNBQOQcD01AMi4JAPsmAUfQCDwdsFAsJgwGicovnoRhKHINAUhURjkNQhcSxtFicNUEB8K5ClG1NeAAAJVH0PAVI9LkUC6IYJPHSg4ESDgulcdw0GjQRxNgBQAGEAFUABUmAAeQAaQAMQAJTEuiMMk7DSAdWS837Nxiyteg5CYZA5RI9wuGffRcSAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:41 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
w_480_00004.ts
video.primis.tech/uploads/cn11/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.mp4/ 		463 KB
464 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn11/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.mp4/w_480_00004.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:6a00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
90205108702e1cc977dfe61bfed8b651145ea4a4c2874c79c622d223a4b41836

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:41 GMT
via
1.1 42fa987334e4ecfd52be3ba1803e9b82.cloudfront.net (CloudFront), 1.1 c76b66e0e074f4c1e2f882b92f4ad552.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6, CMH68-P2
age
4544
x-cache
Hit from cloudfront
content-length
474512
last-modified
Thu, 19 Aug 2021 01:20:36 GMT
server
nginx
etag
"486bd6f6f47285dc4e11cfa627786557"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
b5TnU1mXKebAixyk4OD46nIIGOEVewSw_NMhu9RF_se7k2eC-vJi0Q==
expires
Thu, 29 Dec 2022 13:41:57 GMT
ptmd
dts.clnmde.com/ Frame 7E90 		70 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts.clnmde.com/ptmd?t=167111625916333981181190_N4IgpgHiBcIAwgDQgM4GMD2MQEYBsA7DsXgEwCsAnAPrl76WkAslRFSqmAZjHMuhgAu2fERIUadBs1Y4K1ABwAjUnAUElOOKTSUwAZjDkuXMABMcaHEwILzy2xwGCe0PpyFnsAOQCCTzEEzVwBaUmQwAGsAQ2wLNAImLnI4EII0BQUQ4nMQvS5okKUuJiZyBVYDNDwOKKUYHGQ0ADcUbGAAHRAAGww0aO7qFEEMACdogHMwLugu+MTk1PTM7Jxc-MLi0vLK-WquxC6UMBQUAEsMADshkfGpmbnLBZS0jKycszywAqKSsoqCFU8AcupgMJEzmBqGZooJog8QPMki9lu81p8Nr9tgCgV0AL61AYwADaAF0ItEAA4kkDkAB0OAUODppH0TAZ5RA5JAAFsAJ4k4mNPj6OB8PgUOCk7kAdwAjiTufzRoqmjy0PVYPQbMR9OoOGhRjzqdBibhCMR8BRMow8PoKARyNQedEztccFzkANhKapfwsNBGiAzs0YOFUHDBABXNqm1mIRmIfQJyjcgBesUDyEpE2woeQEwAFiILeIqPh9JXKEzGcRKAhkK1sHg6XA6eR8BwidBkyAuGgYNkIoIziWxFaqE5BLm3PxImPLWQqLRSApSkwFHA5ExamcTbSGUyWWyOQoOM0wCrYJTRhgvBEo5mg1HR1nwM1uiTQJdojywNglDOMwzEvaggI4GE4RgUBAOA0DwNgfQcEoc8zjArxYFERdrQqUg7QdcgQDxPFEG-X9-1gaI0HA5BIMzUAqIQkACEoED9GiOBtTMUozHIfRGDAMBtHIFhjCYMBqliRs0KYrCyxtPD7XIR0iLxblKSbU14AAAlUVdtI9bkUG6YYFzLSgcEnZBulcIM0BjQR0OwBQAGEAFUABUmAAeQAaQAMQAJVQpzMNLCcFPw5TCILAdA3Csh6GQ8M5QooMuFffQ8SAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:41 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
w_480_00005.ts
video.primis.tech/uploads/cn11/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.mp4/ 		508 KB
509 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video.primis.tech/uploads/cn11/video/users/hls/22235/video_5df2c67d5a683172725343/vid5df325a91bc88997235723.mp4/w_480_00005.ts
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:6a00:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
77abdb936aada3ca73686a02b67c124685092907d35c6d2c9c7a189054fa8c1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 15 Dec 2022 14:57:41 GMT
via
1.1 64a7da616ef77f55d58590036675e796.cloudfront.net (CloudFront), 1.1 c76b66e0e074f4c1e2f882b92f4ad552.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD56-P6, CMH68-P2
age
4544
x-cache
Hit from cloudfront
content-length
520008
last-modified
Thu, 19 Aug 2021 01:20:36 GMT
server
nginx
etag
"4f0d9b2b6ce729d9181b3bbcd77b23c3"
access-control-max-age
604800
access-control-allow-methods
GET, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cache-control
max-age=1209600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
w_uDzB6D_zM6RVMVQU_ejv1_0WpldDobiL_G3N9kI1Agx3Rg3IS9tw==
expires
Thu, 29 Dec 2022 13:41:56 GMT
collect
www.google-analytics.com/ Frame 2F07 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=900585294&t=event&ni=0&_s=6&dl=https%3A%2F%2Fwww.thetimestribune.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=620x365&je=0&ec=video&ea=ad%3Atime-10sec&el=1014284-1_Branded%20Content%20%7C%20Concert%20%7C%20Branded%20Content%20%7C%20CPV%20Athena_Netflix%3A%C2%A0Bardo_Branded%20Media%20Asset_Immersion_dsk_350179673%20%7C%2090b493bf-ede3-4e64-89e9-78ce1b3c49d9&_u=SAEAAEABCAAAACgAI~&jid=&gjid=&cid=333536868.1671116245&tid=UA-96398693-1&_gid=1283124798.1671116245&cd3=Athena%20Immersion%20(Standard)&cd18=Netflix&cd19=1026616_Netflix%20-%20Bardo&cd11=&cd21=6148324234&cd22=138417154843&cd23=2a1f8e46-245e-4a36-be2e-21cb1041a01f&cd24=&cd1=598968&cd2=30&z=201926225
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Dec 2022 21:14:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
63786
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
liveView.php
live.primis.tech/live/ 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTI1JaNypaZypyRcoWU9MTY3MTEkNwI1MSZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA1MTI5JaN0YT0jJat9NDAjJax9MwI1JaZcZF9jYXNmRG9gYWyhPXq3ql50nGV0nW1yp3RlnWJ1ozUhY29gJaN1YxyxPXq3ql50nGV0nW1yp3RlnWJ1ozUhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lYTBxJTNBNTYjMCUmQTI0JTNBMTQjMCUmQTEjMTEyM0FyOTAmJTNBZTyzZvUmQWI1Y2QzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTA4LwAhNTM1OS4kMwQyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYmOWImNWRvOTZuMDYzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZHVlPTtjMCZaZHBlPTAzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0kJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwpkMTE2MwYkNDY3JaVcZD1TZWgcozRiU1BfYXyypwYmOWImNWRvY2U0NmMzpHVvVXJfPWu0qHBmJTNBJTJGJTJGq3q3LaRbZXRcoWVmqHJcYaVhZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9nWyk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24fd:3c00:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.thetimestribune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Dec 2022 14:57:40 GMT
content-encoding
gzip
via
1.1 5401626d63787a47d271753adbb1f35e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
CMH68-P2
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-id
HmejF_4QW339fdgktXC2jl5b-s_hWDVgdIa02-itEV2-kFfh0XzHOA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tag.simpli.fi
URL
https://tag.simpli.fi/sifitag/785034b0-eb7a-0136-564a-067f653fa718
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627228/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1;misc=1671116245572;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627233/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2;misc=1671116245573;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627231/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=3;misc=1671116245573;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627234/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=4;misc=1671116245573;
Domain
csp.azureedge.net
URL
https://csp.azureedge.net/cdn/widget/fonts/icomoon.woff?-35bf
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627232/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5;misc=1671116247815;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627235/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=6;misc=1671116247815;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627238/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=7;misc=1671116247815;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627229/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=8;misc=1671116247815;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955987/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=9;misc=1671116247815;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955988/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=10;misc=1671116247815;
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/3613a31b6329d1c17d5663d05b080db1.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26advId%3D138%26advUuid%3D%5BUID%5D
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Y5s12AAEM5AzzAAF

Verdicts & Comments Add Verdict or Comment

515 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| oncontentvisibilityautostatechange object| dataLayer object| _cc6893 object| LOTCC function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| pageLoaded number| TNCMS_DotConnect_Tile object| TNCMS_Used_Ad boolean| TNCMS_PAGE_LOADED object| oReq object| aTemp string| sTemp string| regionType object| poll_config function| bizmarquee object| promo_design_config object| flippxp function| admiral object| googletag function| __uspapi object| AdBridg function| TNStats_Tracker object| TNTracker string| adType object| ggeac object| google_tag_data object| google_js_reporting_queue function| handleMessageFromNative object| google_tag_manager object| pbjs string| exp_string number| window_x object| apstag string| GoogleAnalyticsObject function| ga function| 4dm1r11545242527 undefined| google_measure_js_timing object| _qevents object| _sf_async_config function| ta_popupCallback undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus string| href object| FB function| ta_getPaywallDomain function| ta_isMachineIdValid function| ta_createCookie function| ta_createCookieInDomain function| ta_readCookie function| ta_eraseCookie function| ta_eraseCookieInDomain function| ta_checkCookie function| ta_setValue function| ta_getValue function| ta_getCookiesByMatch function| ta_catchEscKey function| ta_releaseEscKey function| ta_onStop function| ta_showContent function| ta_resetInterrupted function| ta_resetInterruptedTimeout function| ta_loaded number| ta_interrupted string| ta_mac_id number| keepSubDomainInCookiesDomain undefined| ta_mac_id_cookie object| ta_mscript string| paywallScriptSrc string| ta_rnd object| body object| gaplugins boolean| apstagLOADED object| analytics function| quantserve function| __qc object| ezt object| _qoptions object| __buffer object| gaGlobal object| gaData object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| Criteo object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 boolean| Moat#EVA undefined| MoatOCR function| moatOcrSample object| MoatContent string| ta_MACHINE_ID string| ta_sessionString string| ta_postMessageLog boolean| ta_supportStorages object| ta_configJSON object| ta_rulesJSON object| ta_productTypesJSON object| ta_subscriptionTypesJSON boolean| ta_showWelcomePopup boolean| ta_showWelcomePopupJustOnHomepage boolean| ta_showFirstPopup boolean| ta_showPeriodPopup number| ta_periodToShow string| ta_showCustomPopup boolean| ta_showLatestPopup boolean| ta_showPaywallPopup number| ta_protectArticle number| ta_truncateArticleInAdvance boolean| ta_isFreeProduct number| ta_validateRequestStatus boolean| ta_firstPageIsNotFree string| ta_productType boolean| ta_userLoggedIn boolean| ta_isFromAllowedIp string| ta_userSubscriptions string| sKValue string| pSKValue string| challenge object| ta_MIN_THRESHOLDS undefined| ta_focus boolean| ta_shouldReopenAccountPopup boolean| ta_willReopenAccountPopup boolean| ta_delayCheckUserRefresh string| ta_externalLoginDomain string| NO_COOKIES_POPUP_TRACK_NAME string| PRIVATE_MODE_POPUP_TRACK_NAME string| WELCOME_POPUP_TRACK_NAME string| FIRST_PRODUCTS_LEFT_POPUP_TRACK_NAME string| PRODUCTS_LEFT_POPUP_TRACK_NAME string| ONE_PRODUCT_LEFT_POPUP_TRACK_NAME string| NO_PRODUCTS_LEFT_POPUP_TRACK_NAME string| PAYWALL_POPUP_TRACK_NAME string| ACCOUNT_POPUP_TRACK_NAME string| CLICK_EVENT_TRACK_NAME string| OPEN_EVENT_TRACK_NAME string| CLOSE_EVENT_TRACK_NAME string| LOGIN_EVENT_TRACK_NAME string| LOGIN_SUCCESS_EVENT_TRACK_NAME string| LOGIN_FAILED_EVENT_TRACK_NAME string| LOGOUT_EVENT_TRACK_NAME string| FORGOT_PASSWORD_EVENT_TRACK_NAME string| LOGIN_LINK_TRACK_NAME string| LOGOUT_LINK_TRACK_NAME string| FORGOT_PASSWORD_LINK_TRACK_NAME string| TOKEN_AUTOLOGIN_NAME string| CHANGE_PASSWORD_EVENT_TRACK_NAME string| CHANGE_PASSWORD_LINK_TRACK_NAME number| passInMd5 undefined| pubkey_e undefined| pubkey_m string| hex_chr function| ta_rhex function| ta_str2blks_MD5 function| ta_add function| ta_rol function| ta_cmn function| ta_ff function| ta_gg function| ta_hh function| ta_ii function| ta_calcMD5 function| retry function| isIE10OrLater function| detectPrivateMode function| ta_isIE function| ta_isIE7 function| ta_isIE8 function| ta_isIE11 function| ta_setClass function| ta_appendClass function| ta_getComputedStyle function| ta_truncateArticle function| ta_getPreservedImages function| ta_removePreservedImages function| ta_elementThresholdExempt function| ta_fillThreshold function| ta_articleTextCount function| ta_refundArticle function| ta_allowEscapeKeyIfBlocked function| ta_setClickAction function| ta_setForgotPasswordClickAction function| ta_setChangePasswordClickAction function| ta_isUserLoggedIn function| ta_checkUser function| ta_checkSubscription function| ta_openEedition function| ta_getTrackingParams function| ta_openCookiesNotEnabledPopup function| ta_showCookiesNotEnabledPopup function| ta_hideCookiesNotEnabledPopup function| ta_openPrivateModePopup function| ta_showPrivateModePopup function| ta_hidePrivateModePopup function| ta_openWelcomePopup function| ta_openPaymentAlertPopup function| ta_showPaymentAlertPopup function| ta_openProductsLeftPopup function| ta_openPagesLeftPopup function| ta_showPagesLeftPopup function| ta_showPaywall function| ta_showPopup function| ta_hidePopup function| ta_hidePaymentAlertPopup function| ta_hidePagesLeftPopup function| ta_hidePaywall function| hideAllPopups function| ta_pageReload function| ta_resetUserStatus function| ta_logout function| ta_callAfterLogoutCallback function| ta_stripToken function| ta_appendURLParam function| ta_getCallBackHome function| ta_appendBackground function| ta_appendInvisible function| ta_getLoginTable function| ta_fixIFrameHeight function| ta_getForgotPasswordTable function| ta_getChangePasswordTable function| ta_removeWrongLoginText function| ta_appendCookiesNotEnabledPopup function| ta_appendPrivateModePopup function| ta_appendPagesLeftPopup function| ta_appendPaywall function| ta_appendPaymentAlertPopup function| ta_loadNMUrlInIFrame function| ta_getExternalLoginLink function| ta_getExternalLogoutLink function| ta_openExternalLoginLink function| ta_openExternalLogoutLink function| ta_showLoginFormInPopup function| ta_refreshButtonsActions function| ta_showLogoutLinkInPaymentAlertPopup function| ta_showForgotPasswordFormInPopup function| ta_showChangePasswordFormInPopup function| ta_accountOptions function| ta_account function| ta_showAccountPopup function| ta_showSingleCreditButton function| ta_showPeriodCreditButton function| ta_createCORSRequest function| ta_hideForgotPasswordSubmitButton function| ta_showForgotPasswordSubmitButton function| ta_forgotPassword function| ta_forgotPasswordRequest function| ta_hideChangePasswordSubmitButton function| ta_showChangePasswordSubmitButton function| ta_changePassword function| ta_changePasswordRequest function| ta_hideLoginSubmitButton function| ta_showLoginSubmitButton function| ta_login object| lastLoginPopupTrackName function| ta_makeLoginRequest function| ta_checkToken function| ta_sendPostMessageLog function| ta_reloadWithoutToken function| ta_loginSuccess function| ta_makeLogoutRequest function| ta_makeAutoLogoutRequest function| ta_makeUserValidateRequest function| ta_makePagesRequest function| ta_validateContent function| ta_validateContentWithProductType function| ta_isHomepage function| ta_readMetaTag function| ta_getProductType function| ta_getMAX_THRESHOLDS function| ta_getMIN_THRESHOLDS function| ta_getFirstTimeNotFree function| ta_isAlreadyVisited function| ta_appendPageURL function| ta_isLocalStorageSupported function| ta_updateAccountButtonText function| ta_paywallSetup function| ta_storeLocally function| ta_getLocalValue function| ta_removeLocalValue function| ta_paywallRefresh function| ta_makeDoubleDelegate function| ta_openPaywall object| popups_style string| text string| text_in_article_default string| text_in_article undefined| popups_corners_fix undefined| popups_ie7_fix undefined| popups_shadow_fix boolean| ta_isPrivate function| ta_externalLoginIFrameOnLoad function| getIFrameByEvent object| externalIFrame object| params undefined| page_ready number| ap_set_scroll number| ap_scroll_distance boolean| ap_scroll_reverse object| ap_popup_img function| ap_scroll_div function| ap_stop_scroll function| ap_create_popup_img function| ap_link_hover function| ap_get_popup function| ap_move_popup function| ap_hide_popup function| ap_show_popup function| detectUserAgent function| getEnv function| isExists function| takeKeysFromObject function| initSessionStorageSequenceId function| getSessionStorageSequenceId function| increaseSequenceId function| updatePlaceHolderAndEncode function| encode_params function| getCampaignId function| generateAndEncodeUrl function| getRandomString object| _window object| _document undefined| windowHref undefined| iframe object| testChannelIds object| envs object| PLACE_HOLDER object| NON_ALPHANUMERIC undefined| AVRO_ANALYTICS_URL object| avroDefaultData object| avroSchema object| wishabi object| ui object| cswidgetoverR object| premium_text_ads function| shuffle string| adExists string| backgroundColor string| primaryColor string| secondaryColor string| tertiaryColor string| moreText number| numberToDisplay string| headerText string| headerGraphicUrl boolean| boldFirstLine boolean| showWrapper string| accordionHTML object| accordionAds object| myScript undefined| scripts string| queryString function| parseQuery string| playlist_id string| pub string| width string| height string| headerFooterBgColor string| headerFooterTextColor string| bodyBgColor string| bodyTextColor string| vidURL string| iframeText object| xhr function| postscribe object| google_tag_manager_external function| hideFbBlock function| hideFbBlockMob function| loginButtonLink function| subscribeButtonLink function| gamesButtonLink function| dmpAction function| stick_in_parent function| tntDmpReactiveLotame function| tntDmpReactiveSegment object| _snup function| ahmsll_release boolean| ahmsll number| ahmsllfail object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| tntSliderReady object| _cb_shared object| tncms_siteaud object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| vfQ object| viafoura object| vf string| encoded_unit object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_130 object| Criteo_prebid_130 boolean| msgData object| google_image_requests object| Moat#G26 object| MoatSuperV26 object| DOMlessLLDcallback_66353121 object| MoatDataJsonpRequest_66353121 object| lineItemInfo6148324234Callback_8462921 object| BrandSafetyNadoscallback_8462921 string| ahm_tvx_placeId string| ahm_tcx_siteId string| ahm_tvx_templateId string| ahm_tvx_contentId number| cbuster string| puburl string| ahm_sChain string| ahm_sURL object| d string| s object| sParent boolean| ahm_tvx_oldLoaded number| ahm_spx object| sPlayer string| ahm_tdx_sURL object| sRotd string| myPropertyId object| clientSettings object| confiant function| initActiveTab object| activeTab object| ahm_config object| ahmpb object| pubgroup_config number| ahm_stackload boolean| ahm_loaded number| _xy number| ahm_stacktimer number| ahm_stackstart object| ahmpbChunk object| _pbjsGlobals object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent841 object| freewheelssp_cache object| aRegionType object| sPositionCookie string| domain object| GoogleGcLKhOms

298 Cookies

Domain/Path Name / Value
.mrtnsvr.com/sync Name: userId
Value: WBfL1WEtM
i.liadm.com/s Name: _li_ss
Value: MgUIBhD7EzIGCNIBEO0TMgkI_____wcQ-xM
www.thetimestribune.com/ Name: flipp-uid
Value: cf2df5a4-1e06-40eb-a4e1-5f3cef6a28d4
.p.flipp.com/ Name: gid
Value: "ZotFhwAANrRzdjnpAC4Dkw=="
.thetimestribune.com/ Name: adbrgn
Value: USNY
.thetimestribune.com/ Name: _adb
Value: a2lbp7gr3m6SoBOGHaeY
.thetimestribune.com/ Name: ta_MACHINE_ID
Value: f8377f4bfe2bddd2714c92392e406791
.postrelease.com/ Name: visitor
Value: 287b55cf-e68f-4dd6-baf8-5555388c670d
.postrelease.com/ Name: status
Value: 0
.thetimestribune.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.thetimestribune.com/ Name: _gid
Value: GA1.2.1283124798.1671116245
.thetimestribune.com/ Name: _dc_gtm_UA-54716522-7
Value: 1
.thetimestribune.com/ Name: _dc_gtm_UA-3850501-49
Value: 1
.thetimestribune.com/ Name: _dc_gtm_UA-2313981-1
Value: 1
www.thetimestribune.com/ Name: ntvSession
Value: {"id":6417640,"placementID":1093724,"lastInteraction":1671116245364,"sessionStart":1671116245364,"sessionEndDate":1671148800000,"experiment":""}
www.thetimestribune.com/ Name: _ntv_uid
Value: 287b55cf-e68f-4dd6-baf8-5555388c670d
.postrelease.com/ Name: ver
Value: 1
.quantserve.com/ Name: mc
Value: 639b35d5-a3f8d-aac24-d88af
.thetimestribune.com/ Name: __qca
Value: P0-1146005079-1671116245201
www.thetimestribune.com/ Name: ta_cookiesTest
Value: 1
www.thetimestribune.com/ Name: ta_vl
Value: 1
www.thetimestribune.com/ Name: ta_interrupted
Value: 0
.sharethrough.com/ Name: stx_user_id
Value: d6070ee0-2281-448b-aeff-de36832e2b08
.rubiconproject.com/ Name: khaos
Value: LBP7GRR0-23-4BUC
.a.wishabi.com/ Name: gid
Value: "OVTgjwAAMgp9DBh9ABs74A=="
.openx.net/ Name: i
Value: 110a3b4f-b925-041b-2fa1-1cd0c066a8c9|1671116245
.yahoo.com/ Name: A3
Value: d=AQABBNU1m2MCEKXz_t_RleoY0qDZ7ZLORMYFEgEBAQGHnGOlYwAAAAAA_eMAAA&S=AQAAApTwUwiB_yomg84oIuxpLZ8
.thetimestribune.com/ Name: ajs_anonymous_id
Value: 8b0b4ba3-e7ca-4324-af0a-3e1a2d18f6ff
www.thetimestribune.com/ Name: ta_ss
Value: f0668997cd07d8869676f8da8cafd6de
.thetimestribune.com/ Name: usprivacy
Value: 1---
.thetimestribune.com/ Name: _cb
Value: B3M7pdzDS-QBdMv1e
.thetimestribune.com/ Name: _chartbeat2
Value: .1671116246518.1671116246518.1.JlrDuCkxetVDF2JozhRJGrCktMmU.1
.thetimestribune.com/ Name: _cb_svref
Value: http%3A%2F%2Fthetimestribune.com.admin-us2.cas.ms%2F
.amazon-adsystem.com/ Name: ad-id
Value: A82BeuBla0-7qIgwJGX7Y1o
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.viafoura.co/ Name: VfSess
Value: mtvra8ctue0gr0r3l3glmf8h9v
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
www.thetimestribune.com/ Name: _ga
Value: GA1.1.333536868.1671116245
www.thetimestribune.com/ Name: _gid
Value: GA1.1.1283124798.1671116245
.thetimestribune.com/ Name: __gads
Value: ID=d3ff58f1df784131:T=1671116246:S=ALNI_MYT8VUcZkfNFLM5hDTQ_YzRLYTzKg
.thetimestribune.com/ Name: __gpi
Value: UID=000008d4306f9484:T=1671116246:RT=1671116246:S=ALNI_Mblj257qty8pouUtVNBnorxCgiZAA
.doubleclick.net/ Name: IDE
Value: AHWqTUmupd4TOQuspbRPDlINW_J8puMOYnbBWR93BZZ9CANkklrExOeIzn1lGCgvh5w
.simpli.fi/ Name: suid
Value: EE7C2CD6447D4FB782121DE57AC7E703
.smaato.net/ Name: SCM
Value: 39610da3
.smaato.net/ Name: SCMaps
Value: 39610da3
.lijit.com/ Name: ljt_reader
Value: F0hhdPZHdKReb32SS-6T_Si-
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjJWsjI0MzcyNjK1MDHXUbIwR%2BUbocmbmqHyDQ2Q%2BbUAjH8QMw%3D%3D
.gumgum.com/ Name: vst
Value: u_b12a4661-ff14-46b6-9474-e45db24e9122
.360yield.com/ Name: tuuid
Value: 4b03b005-7935-4f69-8c20-44671a57d39c
.360yield.com/ Name: tuuid_lu
Value: 1671116247
.media.net/ Name: visitor-id
Value: 3141178480815869000V10
.pippio.com/ Name: did
Value: knx7cik4Mkvj3nmD
.pippio.com/ Name: didts
Value: 1671116248
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CNjr7JwGEgYIgr0rEAA=
.thetimestribune.com/ Name: _awl
Value: 2.1671116247.5-fc07e966f2fa119ab744eb0624d1cbd9-6763652d75732d6561737431-0
.adnxs.com/ Name: uuid2
Value: 57988376775515890
.contextweb.com/ Name: V
Value: NMufRRKAvvUx
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d64732986c02c4d8
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzNDE3MDI0MLUwM7U0MjAwF-Iz1PUyjyg0Lc_xNkhzMwQAVKTICSQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzNDE3MDI0MLUwM7U0MjAwF-Iz1PUyjyg0Lc_xNkhzMwQAVKTICSQAAAA
.zemanta.com/ Name: zuid
Value: GnCmVp3K2LR_Lyr0T6vr
.outbrain.com/ Name: obuid
Value: 9f15ee87-3c0c-41d0-ab45-e456cab712f6
.ipredictive.com/ Name: cu
Value: b01a49f8-8e86-477e-8aa4-15060e6da8b6|1671116248296
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y5s12AAEM5AzzAAF
.emxdgt.com/ Name: uid
Value: 56801671116248297150af
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-09b64d33-3e11-42bb-4df1-c19b61e24799.lz5QaJAqcPwMo3Ryc6Qzr6gt0BaDomcR0Kkb5KiSoAM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ACbZNMz4RQrtN8cGbYeJHmQW16p4.kmohA%2Fp3JSprpbIly6t%2BPhMirhs3MZ0l5tpEU%2Bhamcc
.adsrvr.org/ Name: TDID
Value: e063f1e7-594f-448d-9ec8-39652287366a
.mathtag.com/ Name: uuid
Value: 25b0639b-35d8-4a00-967b-6b3a039ff7a4
.casalemedia.com/ Name: CMID
Value: Y5s12O09IR-LnG.t1VrL1AAA
.casalemedia.com/ Name: CMPS
Value: 145
.casalemedia.com/ Name: CMPRO
Value: 145
.emxdgt.com/ Name: apn_id
Value: 57988376775515890
www.thetimestribune.com/ Name: _vfz
Value: www%2Ethetimestribune%2Ecom.00000000-0000-4000-8000-c70c7f85b908.1671116248.1.medium=referral|source=http%3A%2F%2Fthetimestribune%2Ecom%2Eadmin-us2%2Ecas%2Ems%2F|sharer_uuid=|terms=
.thetimestribune.com/ Name: _vfa
Value: www%2Ethetimestribune%2Ecom.00000000-0000-4000-8000-c70c7f85b908.53bf04dc-05f1-4890-a5b0-6bec0f0c549b.1671116248.1671116248.1671116248.1
.mfadsrvr.com/ Name: tuuid
Value: bf366404-1d0c-476a-946f-44374452a18f
.mfadsrvr.com/ Name: c
Value: 1671116248
.mfadsrvr.com/ Name: tuuid_lu
Value: 1671116248
.thetimestribune.com/ Name: _ga
Value: GA1.2.333536868.1671116245
.linkedin.com/ Name: li_sugr
Value: 5535dcf6-1027-40b8-86ff-a2d78aeed75d
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&9d1c0e95-7b10-473d-815c-49e258674707"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2818:u=1:x=1:i=1671116248:t=1671202648:v=2:sig=AQGQke2uRmX-QK6HgcfchA29tGG8NcXy"
.creativecdn.com/ Name: u
Value: t3Z2AE7y1EhbQ0RUc4Z5
.creativecdn.com/ Name: ts
Value: 1671116248
.lijit.com/ Name: _ljtrtb_10
Value: 969470210586592007
.lijit.com/ Name: _ljtrtb_3
Value: 25b0639b-35d8-4a00-967b-6b3a039ff7a4
.technoratimedia.com/ Name: tads_uid
Value: 9A307D73CAD14ED89F8FE7E5256360AF
.technoratimedia.com/ Name: tads_uid_cd
Value: 20221215145728+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 265CC617-1E50-470A-96B5-657054BAA8F9
.deepintent.com/ Name: CDIUSER
Value: di_cc8d6b8303884f4bae5cf
.bidswitch.net/ Name: tuuid
Value: 4b6b3c04-894f-45f2-bf0e-86dd76fa7320
.bidswitch.net/ Name: c
Value: 1671116248
.bidswitch.net/ Name: tuuid_lu
Value: 1671116248
.adsymptotic.com/ Name: U
Value: c0c5ab599a00f4401fc275e4ea5f4c4e
.smartadserver.com/ Name: pid
Value: 1743175450290086261
.lijit.com/ Name: _ljtrtb_87
Value: bf366404-1d0c-476a-946f-44374452a18f
.socdm.com/ Name: SOC
Value: Y5s12MCo5ssAAI3nxagAAAAA
.bluekai.com/ Name: bku
Value: ikG99BQNZt1si+LX
.thetimestribune.com/ Name: _vfb
Value: www%2Ethetimestribune%2Ecom.00000000-0000-4000-8000-c70c7f85b908.2..1671116248....
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.viafoura.co/ Name: vfDeviceId
Value: 08326b57-8d87-48f5-9e9d-fa89657342cd
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.mookie1.com/ Name: id
Value: 10594014441606866446
.mookie1.com/ Name: mdata
Value: 1|10594014441606866446|1671116249055
.mookie1.com/ Name: ov
Value: 75e80fe4d7936e9e744831f2b366dba0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005%22%7D
.tapad.com/ Name: TapAd_TS
Value: 1671116249085
.tapad.com/ Name: TapAd_DID
Value: d1eed283-136f-4d2c-a332-987d17084c78
.liadm.com/ Name: lidid
Value: a75688e2-24f5-4542-a14a-03f313722534
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-Y5s12AAEM5AzzAAF&KRTB&22978-Y5s12AAEM5AzzAAF&KRTB&23194-Y5s12AAEM5AzzAAF&KRTB&23209-Y5s12AAEM5AzzAAF
.33across.com/ Name: 33x_ps
Value: u%3D212056383526205%3As1%3D1671116249113%3Ats%3D1671116249113
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:EE7C2CD6447D4FB782121DE57AC7E703
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-e063f1e7-594f-448d-9ec8-39652287366a&KRTB&22918-e063f1e7-594f-448d-9ec8-39652287366a&KRTB&23031-e063f1e7-594f-448d-9ec8-39652287366a
.taboola.com/ Name: t_gid
Value: 2758f9db-1344-4582-bf8a-b64f0a6d0533-tucta94bb59
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEHvoBui1QWjWSw-25zbfIKQ&KRTB&16514-CAESEHvoBui1QWjWSw-25zbfIKQ&KRTB&23025-CAESEHvoBui1QWjWSw-25zbfIKQ&KRTB&23386-CAESEHvoBui1QWjWSw-25zbfIKQ
.company-target.com/ Name: tuuid
Value: cae6d776-fd5e-4c4d-a948-0aa0c085a0da
.company-target.com/ Name: tuuid_lu
Value: 1671116249
.turn.com/ Name: uid
Value: 3560567457612390603
.adotmob.com/ Name: uid
Value: 087e220400fa0a38ee1fd5d2
.adotmob.com/ Name: uuid
Value: 087e220400fa0a38ee1fd5d2
.adotmob.com/ Name: partners
Value: IX%3A1671116249199
.mookie1.com/ Name: syncdata_TAP
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3560567457612390603&KRTB&23150-3560567457612390603
.rlcdn.com/ Name: pxrc
Value: CNfr7JwGEgUI6AcQABIFCOhHEAASBgi46wEQAg==
.thetimestribune.com/ Name: _ga_4T2EB147B8
Value: GS1.1.1671116245.1.0.1671116249.56.0.0
.openx.net/ Name: univ_id
Value: 537072971|e063f1e7-594f-448d-9ec8-39652287366a|1671116249352443
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8390
.agkn.com/ Name: ab
Value: 0001%3AXXQ4xQNKDqfaAl%2BGZHsZcOncmm%2F5TKEe
.mookie1.com/ Name: syncdata_NEU
Value: 1
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 67af2790-34b1-43a0-ae7e-7a74344429af
.d.adroll.com/ Name: __adroll
Value: 1debdcecd58c756534f9dfff88300785-a_1671116249
.adroll.com/ Name: __adroll_shared
Value: 1debdcecd58c756534f9dfff88300785-a_1671116249
.w55c.net/ Name: wfivefivec
Value: dRsvu7oN1P5PFT5
.casalemedia.com/ Name: CMTS
Value: 1224
.bidr.io/ Name: bito
Value: AAAtHk7HNmwAACIa0xycww
.bidr.io/ Name: bitoIsSecure
Value: ok
.w55c.net/ Name: matchgoogle
Value: 5
.media.net/ Name: data-g
Value: CAESEB2um_zSTRaw_GqacBJ29K0~~3
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-7be238f7-11d7-30d7-b661-657b0e62f9b3
.thetimestribune.com/ Name: _gat
Value: 1
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zvEyGtoZm5oaGhmZGJhZGK5igXONzU0MDMBALPCZ7IgAAAA
.openx.net/ Name: pd
Value: v2|1671116249.2|iKbwvPvMgahEgKkWg2gy.mmuYwtvJeSwrf8vuwike
.clickagy.com/ Name: cb
Value: Y5s122ZigEJqFWQC55-GhmWO
aorta.clickagy.com/ Name: chs
Value: [{"ch":"4","t":"2022-12-15 14:57:31"}]
.sitescout.com/ Name: ssi
Value: 37c684cb-9798-4dd2-bc59-135fe6a7d8b4#1671116251342
.bluekai.com/ Name: bkdc
Value: phx
.primis.tech/ Name: csuuid
Value: 639b35db96a06
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-57988376775515890&KRTB&23339-57988376775515890
.quantserve.com/ Name: d
Value: EI8BCwHoJ_ijAA
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220221215%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-OTI-2jw0Y40iYDTeN2Uq2W5iNYwiZT-AbmfA4llt&KRTB&19420-OTI-2jw0Y40iYDTeN2Uq2W5iNYwiZT-AbmfA4llt&KRTB&22979-OTI-2jw0Y40iYDTeN2Uq2W5iNYwiZT-AbmfA4llt&KRTB&23403-OTI-2jw0Y40iYDTeN2Uq2W5iNYwiZT-AbmfA4llt
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:25b0639b-35d8-4a00-967b-6b3a039ff7a4&KRTB&16736-uid:25b0639b-35d8-4a00-967b-6b3a039ff7a4&KRTB&23019-uid:25b0639b-35d8-4a00-967b-6b3a039ff7a4&KRTB&23208-uid:25b0639b-35d8-4a00-967b-6b3a039ff7a4
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_cc8d6b8303884f4bae5cf
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-b01a49f8-8e86-477e-8aa4-15060e6da8b6&KRTB&23011-b01a49f8-8e86-477e-8aa4-15060e6da8b6&KRTB&23355-b01a49f8-8e86-477e-8aa4-15060e6da8b6
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_cd3013f1-7c88-11ed-92c1-120817463c8f
io.narrative.io/ Name: io.narrative.guid.v2
Value: cd32fa20-7c88-11ed-be1a-12592cdca9e3
.dotomi.com/ Name: DotomiTest
Value: 3b5af524dfd3161e
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 6fc5a047b67526847e00bb9c357909b5
.technoratimedia.com/ Name: tads_uidp_73
Value: AAAtHk7HNmwAACIa0xycww
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAHyc6i5UI2ZANj__WaAAAAAAA&KRTB&22713-AAAHyc6i5UI2ZANj__WaAAAAAAA&KRTB&22715-AAAHyc6i5UI2ZANj__WaAAAAAAA
.semasio.net/ Name: SEUNCY
Value: AF8A8A9E4F0A64D3
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY3MTExNjI1MTkxNCwiMTciOjE2NzExMTYyNTEzODF9
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1671116251!sovrn,1671116248
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-37c684cb-9798-4dd2-bc59-135fe6a7d8b4-639b35db-5553&KRTB&23418-37c684cb-9798-4dd2-bc59-135fe6a7d8b4-639b35db-5553&KRTB&23424-37c684cb-9798-4dd2-bc59-135fe6a7d8b4-639b35db-5553
.mxptint.net/ Name: mxpim
Value: R1B330_FAF05FF1_28747F0E.1.0000000000000000639B35DC
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B330_FAF05FF1_28747F0E&KRTB&23092-R1B330_FAF05FF1_28747F0E
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-4b6b3c04-894f-45f2-bf0e-86dd76fa7320
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1hsx|7dN.0.AAAtHk7HNmwAACIa0xycww|7bq.0.1
a.clickcertain.com/ Name: _ccpx_u
Value: d838a010%2dd969%2d4065%2dbd0a%2d9112066ae39c
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAAtHk7HNmwAACIa0xycww
pool.admedo.com/ Name: tuuid
Value: abd394bb-3e4c-4e06-a4d4-d431ec606011
pool.admedo.com/ Name: c
Value: 1671116252
pool.admedo.com/ Name: tuuid_lu
Value: 1671116252
.a.usbrowserspeed.com/ Name: tuid
Value: 284e6d4b-27d4-45e2-aa6e-1e80ec3dd1d8
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQCDate
Value: 1671116253386
.intentiq.com/ Name: intentIQ
Value: yyTLPvnkxx
.iqzone.com/ Name: iq_u_key
Value: aa71b1b2-e906-461c-ba18-9e6b0f8e4978
.iqzone.com/ Name: iq_r_key
Value: 169
www.thetimestribune.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.analytics.yahoo.com/ Name: IDSYNC
Value: "18za~28v2:18z8~28v2:18yx~28v2:198j~28v2"
.3lift.com/ Name: tluid
Value: 2942926129357839341305
.tremorhub.com/ Name: tvid
Value: 1f5c9e9dbadc410db7d921ff458aac78
.ads.stickyadstv.com/ Name: UID
Value: 76d8f143af3ded831539de168e22cc3
.tremorhub.com/ Name: tvssa
Value: 1671116253602
.intentiq.com/ Name: ASDT
Value: 0
.adstanding.com/ Name: _adstanding_id
Value: 3c33dfd7e7833733278b7135b485babe
.smaato.net/ Name: SCMsas
Value: 39610da3
.smartadserver.com/ Name: csync
Value: 86:57988376775515890|127:AAAtHk7HNmwAACIa0xycww|133:39610da3
.media.net/ Name: data-pri
Value: 639b35db96a06~~34
.intentiq.com/ Name: IIQYahooPrimisCookieSync
Value: 1671116253810
.intentiq.com/ Name: IQSmartAdServerCookieSync
Value: 1671116253831
.intentiq.com/ Name: IQadv
Value: 1671116253851
.intentiq.com/ Name: IIQFreeWheelPrimisCookieSync
Value: 1671116253872
.intentiq.com/ Name: IQtelariaCookieSync
Value: 1671116253875
.intentiq.com/ Name: IQRubiconPrimisCookieSync
Value: 1671116253875
.intentiq.com/ Name: IQBidswitchPrimisCookieSync
Value: 1671116253893
.intentiq.com/ Name: IIQloopmeCookieSync
Value: 1671116253907
.adform.net/ Name: C
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3A-HAtgiJxuNkO3JzvezExWnV1WkWkHuvD.lAv7BTJ3DDVP%2FfTzE05zwfWgXzQEiyUqh2hR3SrHVE0
.adform.net/ Name: uid
Value: 5409130810637765558
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5409130810637765558&KRTB&23263-5409130810637765558
.intentiq.com/ Name: IQMediaNetCookieSync
Value: 1671116253962
.yieldmo.com/ Name: yieldmo_id
Value: g6e10c61c5d3cd7fa7ab%7C1671116254004%7C0%7C
.ads.stickyadstv.com/ Name: pxId
Value: 247
.intentiq.com/ Name: IQOpenxPrimisCookieSync
Value: 1671116254014
.lijit.com/ Name: ljtrtb
Value: eJwNysENAzEIBMBeeAdpbRYw6Qbn5Cai9B7Pe75i8pbpG2G11fxZyga0IrfGtobVOdmUl6y8dx%2BLIKjjwUeZ0VqMo6Ql6bPHOvcO3FtRTMwBX%2BE1gZTfHwDjGhM%3D
.lijit.com/ Name: _ljtrtb_8101
Value: yyTLPvnkxx
.intentiq.com/ Name: IQYieldmoCookieSync
Value: 1671116254041
.intentiq.com/ Name: IQPubmaticCookieSync
Value: 1671116254065
.intentiq.com/ Name: IQSovernCookieSync
Value: 1671116254122
.adsby.bidtheatre.com/ Name: __kuid
Value: 3cc5cf72-b829-4d03-9408-52e30bfd5679.440330254
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.intentiq.com/ Name: IQAppnexusCookieSync
Value: 1671116254212
.intentiq.com/ Name: IQMediaMathCookieSync
Value: 1671116254222
.intentiq.com/ Name: IQRubiconCookieSync
Value: 1671116254222
.thetimestribune.com/ Name: _gat_UA-3850501-49
Value: 1
.criteo.com/ Name: uid
Value: 95afa575-bd3b-4686-9d5f-1cd93db9682e
.rlcdn.com/ Name: rlas3
Value: 8/sV1HJVPdk83/MzxoHNm9wXVGOmFANhbTVorpyw/60=
.intentiq.com/ Name: IQTripleLiftCookieSync
Value: 1671116254367
.rubiconproject.com/ Name: audit
Value: 1|i7WLabMcVxLgqspwVIoRVlMG4C6D/t+3+rBgKaKUkHd9RWrMglQxwA1KMFv+B3022AxoeuCLPjNRLx+KGXCKWeayTOuz3uq74ICd6Q+AmJuy35gBYlq/pNAPlTu0R9RN
.thetimestribune.com/ Name: cto_bundle
Value: -hdTj192QmUzUVMyVndEJTJGd2tiT3hiQmd1TEx2YjlkJTJCeE82T3k3UHVpOW55em85T1ppeklPSnExRWt4djBvbzhqbEZwcXRONmJLbTNkR3l6dU5Tb3FnJTJCQU95Szl0NDdZMkRRekIyY1pocDBORjZjN1ExV3IwJTJCRWxCUDRCJTJGdHQ5VUdIRFVVRmY3QXlReldWUm9qemhJM3lSVXMxVmE4MnljUTlkb2gwUjNpajc4TzhjJTNE
.intentiq.com/ Name: CSDT
Value: UEQ6MTUwNDRfMCZUUTY1VXczIzI0XzAmVFE2NVV1biMxNTExNV8wJlRRNjVVb0gjMTUxMzFfMCZUUTY1VXMxIzEwMTQwXzAmVFE2NVV4SyMxNTAzOF8wJlRRNjVVdDgjMTUxNTFfMCZUUTY1VXIxIzE1MTE5XzAmVFE2NVYydw
.intentiq.com/ Name: IQPData
Value: 95808158#1671116254569#0#1671116253659
www.thetimestribune.com/ Name: _lr_retry_request
Value: true
www.thetimestribune.com/ Name: _lr_env_src_ats
Value: false
www.thetimestribune.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22e063f1e7-594f-448d-9ec8-39652287366a%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-11-15T14%3A57%3A35%22%7D
www.thetimestribune.com/ Name: pbjs-unifiedid_last
Value: Thu%2C%2015%20Dec%202022%2014%3A57%3A35%20GMT
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEtLNk00MDFPMjM3NTKzMDFPNTBISrJMNjY1tzSwTDJlAILk2ab3QTQUAABI2wpv"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBInm16H0hBAQAZbAIT"
.thetimestribune.com/ Name: panoramaId_expiry
Value: 1671202655100
.thetimestribune.com/ Name: _cc_id
Value: 6fc5a047b67526847e00bb9c357909b5
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 21
.pubmatic.com/ Name: pi
Value: 156595:3
.pubmatic.com/ Name: DPSync3
Value: 1672272000%3A245_236_228_221_197_201_219_226%7C1671667200%3A253_252_248%7C1671148800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1672272000%3A220_7_214_8_71_48_176_233_5_96_56_22_165_99_240_21_250_3_81_239_54_13_55_243_104_204_238_166_178_231_249_234%7C1676246400%3A69%7C1671667200%3A2_223_38_15%7C1671926400%3A63%7C1672358400%3A35%7C1673654400%3A224
.w55c.net/ Name: matchpubmatic
Value: 5
.fwmrm.net/ Name: _uid
Value: "eb83c_7177389663039230538"
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:dRsvu7oN1P5PFT5&KRTB&23421-uid:dRsvu7oN1P5PFT5
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-67af2790-34b1-43a0-ae7e-7a74344429af
.adgrx.com/ Name: ADGRX_UID
Value: cf3aa7c8-7c88-11ed-94d0-f3ed58af13a7
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: eb83c_7177389663039230538
.ads.stickyadstv.com/ Name: MRM_UID
Value: eb83c_7177389663039230538
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-CbZNMz4RQrtN8cGbYeJHmQW16p4&KRTB&23334-CbZNMz4RQrtN8cGbYeJHmQW16p4&KRTB&23417-CbZNMz4RQrtN8cGbYeJHmQW16p4&KRTB&23426-CbZNMz4RQrtN8cGbYeJHmQW16p4
beacon.lynx.cognitivlabs.com/ Name: ss
Value: ZmMVHYIN8sV0P3OR1NsHrKhLc20gQkNitVtNkU3beGLXbDvihxZRGRnEFfRR9nX9p8%2BKK2341x0M32Qtpv9%2Fgw%3D%3D
.acuityplatform.com/ Name: auid
Value: 720581416291
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQkVJJwCumGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUJFSScAro90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-WBfL1WEtM&KRTB&23413-WBfL1WEtM
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-cf3aa7c8-7c88-11ed-94d0-f3ed58af13a7&KRTB&23275-cf3aa7c8-7c88-11ed-94d0-f3ed58af13a7
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-720581416291&KRTB&23428-720581416291
.ctnsnet.com/ Name: cid_34acc267852b448bb3a8f62a13dd076e
Value: 1
.fiftyt.com/ Name: fifid
Value: 583c3c96-638e-4fa9-74b8-31d84892ec95
.fiftyt.com/ Name: cs
Value: MTY3MTExNjI1NXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fKtMQa-mEMp6H3sKc0cB5ORDlGkLX7D5WsExITg6qYeI
.inmobi.com/ Name: idsp_c
Value: ef49c071-ee6f-4a0a-8886-7fe35fb74c81
.pubmatic.com/ Name: SPugT
Value: 1671116255
.tribalfusion.com/ Name: ANON_ID
Value: a5nvfMsjyDimTFM6F4kZcsPClY5Zbg58un05cWYm2HbbgK2PtdLkTOwBXZdAoFcNXXet7FuuZcoJJuGXkiFtkO7qGPhJXZb8EZcEPZcMUWfi7VuOfN13bF95UoY
.pswec.com/ Name: tuuid
Value: 522395ca-9b5e-49f4-a60b-669fd316d3b6
.pswec.com/ Name: c
Value: 1671116255
.pswec.com/ Name: tuuid_lu
Value: 1671116255
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCKD9xf3Wra87EAUSFwoIcHVibWF0aWMSCwiyusqA162vOxAFEhUKBmNhc2FsZRILCNCB-oTXra87EAUSFAoFdGFwYWQSCwjOyYiD162vOxAFGAEgASgCMgsIjJrd6e2trzsQBTgBWglzdGlja3lhZHNgAg..
.fiftyt.com/ Name: fppm
Value: 20221215145735
.ads.stickyadstv.com/ Name: uid-bp-892
Value: e063f1e7-594f-448d-9ec8-39652287366a
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005&KRTB&17107-RX-b12f8499-679e-438a-a2ab-7c7566dc1e35-005
.onaudience.com/ Name: cookie
Value: 4d14a7dc6527cd26
.onaudience.com/ Name: done_redirects104
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEBtnd237ch4ESTbDzRj_wok
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-AQ5czd9E2oPisvZ1REJOH6mMBmOLF23ZcQDqqRZZ~A
.csync.loopme.me/ Name: viewer_token
Value: 1b08919d-9158-458e-9822-ec1b78c284a1
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAAtHk7HNmwAACIa0xycww
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7244026551091621944P
.owneriq.net/ Name: pmc
Value: 1
.ads.stickyadstv.com/ Name: uid-bp-951
Value: 57988376775515890
.ads.stickyadstv.com/ Name: uid-bp-617
Value: 5409130810637765558
.w55c.net/ Name: matchfreewheel
Value: 5
.ads.stickyadstv.com/ Name: uid-bp-23329
Value: dRsvu7oN1P5PFT5
.ads.stickyadstv.com/ Name: uid-bp-45
Value: Y5s12AAEM5AzzAAF
.onaudience.com/ Name: done_redirects219
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7244026551091621944&KRTB&22521-Q7244026551091621944
.c.appier.net/ Name: _auid
Value: Rvrk3ly2BoyD3v9R3zWbYw
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-Rvrk3ly2BoyD3v9R3zWbYw
.pubmatic.com/ Name: PugT
Value: 1671116254
.zeotap.com/ Name: zc
Value: 9a977485-48c0-4047-68a6-3f6497f14b2d
.zeotap.com/ Name: zsc
Value: T%DE%CB%DA%F2%DFf%D5%DB%AF%EA%2A%B1a%9A~%D7g%09%25%C8m%26%19%17%B8%2A%BB%1Agt%E4%F4%EC%7B7%7C%EE%89%CF%D9%17V5%A8%8BG%28%DD%BE%DBqdM%16SE%88%8C%15%7FO.%0FB%2CB%3E%0C%BC%C5%86%E4%EB%BD%DF%0E%1A%F3q%3B%2F%B5
.id5-sync.com/ Name: id5
Value: b260ebe3-d125-7ed8-ba19-08331da56eb8#1671116248898#3

31 Console Messages

Source Level URL
Text
network error URL: https://tag.simpli.fi/sifitag/785034b0-eb7a-0136-564a-067f653fa718
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript warning URL: https://d1gzrgn7m19oq9.cloudfront.net/widget/retailadvertiser?hostname=newspaperads.thetimestribune.com
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn-resources.prfct.cc/assets/marketplace/libs/res/r202212140/js/advertiserwidget.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://www.thetimestribune.com/(Line 1887)
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627228/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1;misc=1671116245572;' from origin 'https://www.thetimestribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627228/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1;misc=1671116245572;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.thetimestribune.com/(Line 1887)
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627234/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=4;misc=1671116245573;' from origin 'https://www.thetimestribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627234/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=4;misc=1671116245573;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.thetimestribune.com/(Line 1887)
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627231/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=3;misc=1671116245573;' from origin 'https://www.thetimestribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627231/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=3;misc=1671116245573;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.thetimestribune.com/(Line 1887)
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627233/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2;misc=1671116245573;' from origin 'https://www.thetimestribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627233/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=2;misc=1671116245573;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.thetimestribune.com/
Message:
Access to font at 'https://csp.azureedge.net/cdn/widget/fonts/icomoon.woff?-35bf' from origin 'https://www.thetimestribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://csp.azureedge.net/cdn/widget/fonts/icomoon.woff?-35bf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.thetimestribune.com/
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627232/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5;misc=1671116247815;' from origin 'https://www.thetimestribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627232/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5;misc=1671116247815;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.thetimestribune.com/
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627235/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=6;misc=1671116247815;' from origin 'https://www.thetimestribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627235/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=6;misc=1671116247815;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.thetimestribune.com/
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627238/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=7;misc=1671116247815;' from origin 'https://www.thetimestribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627238/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=7;misc=1671116247815;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.thetimestribune.com/
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627229/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=8;misc=1671116247815;' from origin 'https://www.thetimestribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4627229/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=8;misc=1671116247815;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.thetimestribune.com/
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955987/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=9;misc=1671116247815;' from origin 'https://www.thetimestribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955987/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=9;misc=1671116247815;
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.thetimestribune.com/
Message:
Access to XMLHttpRequest at 'https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955988/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=10;misc=1671116247815;' from origin 'https://www.thetimestribune.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11167.1/4955988/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=10;misc=1671116247815;
Message:
Failed to load resource: net::ERR_FAILED
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://pr-bh.ybp.yahoo.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other warning URL: https://6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'trust-token-redemption'.
network error URL: https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://thetimestribune.com/content/tncms/ads/_popup/1.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=Y5s12AAEM5AzzAAF
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
other warning URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUT4OKFR&noCookies=true(Line 14)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUT4OKFR&noCookies=true(Line 14)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6ecaa0bb050e3c2db5ed2e412cf8edc4.safeframe.googlesyndication.com
a.clickcertain.com
a.tribalfusion.com
a.usbrowserspeed.com
a.wishabi.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.crwdcntrl.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
adserver-us.adtech.advertising.com
adservice.google.com
adspsp.com
amazon-tam-match.dotomi.com
ampcid.google.com
analytics.google.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api.circularhub.com
api.intentiq.com
api.rlcdn.com
api.segment.io
api.viafoura.co
aud.pubmatic.com
b1sync.zemanta.com
bandborder.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bids.concert.io
bloximages.chicago2.vip.townnews.com
bpi.rtactivate.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
casmp.adperfect.com
cc.adingo.jp
cdn-gateflipp.flippback.com
cdn-resources.prfct.cc
cdn.cityspark.com
cdn.concert.io
cdn.confiant-integrations.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.segment.com
cdn.viafoura.net
ce.lijit.com
citysparkstorage.blob.core.windows.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
cnhi-d.openx.net
code.jquery.com
connect.facebook.net
contextual.media.net
core.iprom.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
cs.iqzone.com
cs.media.net
csp.azureedge.net
csync.loopme.me
cvision.media.net
d.adroll.com
d.turn.com
d1gzrgn7m19oq9.cloudfront.net
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dts.clnmde.com
dts6.clnmde.com
eb2.3lift.com
engagefront.theweathernetwork.com
eu-u.openx.net
eus.rubiconproject.com
f.wishabi.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.adspsp.com
geo.moatads.com
gocm.c.appier.net
gu.dyntrk.com
gum.criteo.com
hblg.media.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
hymnal-prod.vox-cdn.com
i.liadm.com
i.viafoura.co
i.w55c.net
i6.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images-na.ssl-images-amazon.com
images.wishabi.net
io.narrative.io
ipac.ctnsnet.com
jadserve.postrelease.com
japfg-trending-content.appspot.com
js-sec.indexww.com
justapinch-com-d.openx.net
lb.eu-1-id5-sync.com
lg3.media.net
lh3.googleusercontent.com
live.primis.tech
m.media-amazon.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mb.moatads.com
mb9eo.publishers.tremorhub.com
mcasproxy.azureedge.net
mug.criteo.com
mweb.ck.inmobi.com
mwzeom.zeotap.com
notifications.viafoura.co
odr.mookie1.com
onetag-sys.com
oxp.mxptint.net
p.adsymptotic.com
p.cityspark.com
p.flipp.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantcount.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prod.adspsp.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
r.turn.com
res-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.adstanding.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s-jsonp.moatads.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.cpx.to
s.ntv.io
s.tribalfusion.com
s.uuidksinc.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.chartbeat.com
static.cnhionline.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync1.intentiq.com
t.pswec.com
tag.simpli.fi
tags.crwdcntrl.net
tg.socdm.com
thetimestribune-cnhi-pw.newsmemory.com
thetimestribune.com
thetimestribune.com.admin-us2.cas.ms
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
usersync.samplicio.us
video.digi-me.com
video.primis.tech
visitor.fiftyt.com
volume-assets.voxmedia.com
voxcustomdfp152282307853.s.moatpixel.com
voxvidint960547728228.s.moatpixel.com
warp.media.net
www.americanhometownmedia.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.justapinch.com
www.thetimestribune.com
x.bidswitch.net
z.moatads.com
ads.stickyadstv.com
adserver-us.adtech.advertising.com
cs.admanmedia.com
csp.azureedge.net
tag.simpli.fi
104.117.182.27
104.16.132.24
104.18.99.194
104.36.115.111
104.45.178.220
104.72.144.21
104.72.145.167
104.81.240.200
104.81.241.61
104.99.26.140
107.178.246.49
107.178.254.65
108.156.167.180
108.156.168.23
108.156.172.102
108.156.172.121
108.156.172.44
108.156.172.69
108.156.172.74
108.156.172.86
108.156.172.9
108.156.172.99
108.156.184.13
108.156.184.51
108.156.184.9
108.156.187.204
130.211.10.17
141.226.224.48
141.94.171.214
142.250.80.34
142.251.35.166
15.235.43.120
150.136.26.45
151.101.1.108
151.101.2.49
159.65.197.210
162.19.138.120
162.248.18.34
169.197.150.7
172.104.64.149
172.64.151.162
172.64.154.237
173.231.178.85
18.214.193.123
18.214.96.241
18.220.131.167
184.29.143.137
185.167.164.39
185.184.8.90
185.98.54.153
192.104.182.209
192.40.39.223
195.5.165.20
198.148.27.139
198.24.170.28
199.127.204.142
199.187.193.182
199.187.193.185
199.187.193.192
199.232.192.124
199.232.196.124
199.38.167.131
20.127.253.7
20.60.81.107
2001:4860:4802:34::181
2001:4de0:ac18::1:a:1a
202.241.208.52
204.2.255.233
207.198.113.89
216.17.34.108
216.200.232.253
23.23.107.195
23.32.172.185
23.44.133.31
23.44.211.156
23.49.100.28
23.64.60.21
23.78.168.242
23.92.190.69
2600:1400:9000::687e:76f8
2600:1901:0:636d::1
2600:1f18:44f0:4800:250:51f2:8e30:528d
2600:1f18:4e9:5a02:3207:2d8f:6030:21a0
2600:1f18:612b:4200:d154:f19:a39d:8ac
2600:1f18:61c0:2204:5d2:2a49:8c46:6613
2600:1f18:ed:550a:e5e8:a01c:2029:474f
2600:9000:24f7:1000:8:2ae1:d740:93a1
2600:9000:24f7:9a00:18:1fcd:351:7bc1
2600:9000:24f7:e200:6:44e3:f8c0:93a1
2600:9000:24fd:3c00:1a:5235:f980:93a1
2600:9000:24fd:4e00:8:48e:53c0:93a1
2600:9000:24fd:5a00:1b:6b7d:2300:93a1
2600:9000:24fd:6a00:1:6448:6d00:93a1
2600:9000:24fd:6e00:1b:5138:8a40:93a1
2600:9000:24fd:dc00:1e:7118:9c80:93a1
2602:803:c002:300::99
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700:10::ac43:db6
2606:4700:20::681a:932
2606:4700::6810:5514
2606:4700::6812:106b
2606:4700::6812:18ad
2606:ae80:1471:19::1050
2607:f8b0:4004:c0b::99
2607:f8b0:4004:c1d::9b
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80e::2002
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2001
2607:f8b0:4006:822::2004
2607:f8b0:4006:822::200e
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a04:4e42:400::272
3.208.125.27
3.210.251.205
3.214.33.241
3.215.101.237
3.220.222.172
3.231.49.203
3.234.62.154
34.102.163.6
34.102.227.237
34.102.253.54
34.107.222.173
34.111.96.116
34.117.126.186
34.117.86.81
34.120.155.137
34.120.23.223
34.120.58.62
34.150.170.96
34.200.205.254
34.202.114.247
34.213.190.9
34.225.32.205
34.233.171.12
34.236.83.94
34.96.105.8
34.96.71.22
35.153.91.195
35.155.108.1
35.186.193.173
35.190.60.146
35.190.90.30
35.201.96.126
35.207.24.140
35.210.53.219
35.211.178.172
35.214.223.115
35.227.252.103
35.244.159.8
35.71.131.137
35.71.139.29
4.78.226.232
44.194.228.115
44.196.110.42
44.205.97.245
44.211.1.254
5.161.47.120
50.57.31.206
51.222.239.230
52.151.238.5
52.160.40.218
52.207.194.90
52.24.202.12
52.4.210.20
52.45.33.138
52.46.145.177
52.46.155.104
52.94.223.37
54.175.230.119
54.204.251.148
54.213.236.150
54.235.189.154
54.236.78.230
54.243.126.57
54.81.25.165
54.82.174.208
54.85.193.37
54.87.95.148
54.88.76.203
63.251.114.136
63.251.28.234
67.202.105.24
68.67.160.114
68.67.179.166
69.166.1.14
69.90.254.78
70.42.32.31
70.42.32.63
74.119.119.139
74.119.119.150
8.2.111.13
8.28.7.109
8.28.7.81
8.28.7.82
8.28.7.83
8.28.7.84
8.43.72.97
8.43.72.98
96.16.29.148
99.80.118.88
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00518e20e5bf3c9af309bf58e8c2f45b3de551f9f35aa6eeaa6dae6a6fae4e34
01359389845141dd19204f13ff7c4c70406200bed10a9ee390f7757e324c6042
0138c95496b9d5fb5771fb66849dd396d7d7b1f49de278af960f657fa65327ff
024eaf2f1b268a3b1de960da3dc41e46756ee00372477f3bbf1e06c53cbf2307
029086d89d5b475ab8cb71cb223c502ba19980692d60958dcfd6571aed75d98f
030ad3d019a5a4d704109e6430463eda9456b33dfdd3a5d923d9637ae0a114d1
03e696a42da8c84168acd24727c00b9ef6995cf56e890956162808379fb63cc4
042b4bd4cccacb97cf58b80a43fd2b8f0b2178799f229e681522dc3cf98b43e5
04847a0fb8457de84f2dc355a07f56148ce93c3af98c111071e71cb6a203b6c9
05024fcd013ea8a8f72077ffb2fb09f87b9f60356b038149f148a1999c482070
059bc42513157b8af9033f063157dffd7a9a1c6bbc9e4f2b3bc75d52be38863d
05e1266ebcd0f30fd95b69de06ec2de288f14e470b8f91bcdb29ada6fda44660
063fb28b8ff592dc368b419fc355502c77fb9fcdff50af9418a1b482025aa5d7
0640f2d5792dc8a52b8439d3da1fc691a908b05399cb73c8d7b5ce5cb8a04305
069e356ecb8b598f6bd7c3994d25fb4025bd1abca3160b346f50c5048b53274c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0735dc9c0e72bfc9d0ed54598676129bba88a1d652b7a222084845e40c2e9107
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08f50c0aea90c1404e80f2281f96b66bb45c75b14feb9b0ec88ecdac73c25379
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
09bca8051bf8342d1a0392880c04aa08ff391dca448dafdd7c772312d9db28d3
0a75a24eb7d1cb855611174482489741928526514df4e2a17eecde39c2cce489
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0af78999b748385f2a5d661436a2b4236d77b813909b22ffd9ca587f3b1f1a02
0b193e9148db8d0686329a827b820586dc18f64f47a126980a9a4bb2f2f31ff6
0b3eaef8c0f3128fc6400031f37fbd0922f7422651b0ce1ef189e99a1a4724f7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d58070cbaf6fcd1842cfbdfa2415afbc8463a894d7bacd7f395789e7ebcb6fa
0d7b78fae919a5cd81a06686f0af5a6ee02fdf1ca77e1345465b40bc4c3f01fe
0d8d4465dfe26cc7f993263332190ae8562c8f15977b6228b08358e35e2eb72f
0dabde244ca54751439b42b2bc6754887cf48d7d13835c2ed1fa37b253a4731a
0e4b19026421ca103a63c60f7342fad00842bfe48d418e16ce7a80266dfb7723
0eadfbaf60d2efdd306286a939dd33f9e4a62a43ec7b7d76b393e683ed661c7b
0f0ae5b9f8a1720824de45b30479e4c9da62f81dd5b00f6118782fda7262de24
11ac8a2727b3881d0e0330643bbb36f9e5592206d310d557055228b850af29d1
11b2d411b6cd682f019c5471f70f650726f20006977bc023c666f38ad8106abb
1267d961cc5ad265712b3d3a144e0a1add99132bec9c10f7201d3499f3ba8422
1270fb884615b5d498d0abbc0b357f6a189e53d6e473f7fda8b51cef205051bc
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1334a2785a64e782b53a5d91a11eaf3c4f812782cb396607f3cb07e34cd6f294
13973d72fdd0c76816ffd7e176967a3ce7884961341193e81e3f1ad4a047d823
1503ffa845faf94d1171cd43f9f4d04a36848943be74e5365764990bb57d2d50
156f8a4a4e02f9d9ec4a553c420e33a0d0c8565524e25c56cb66c3f353c1b5a6
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
16c2d4c31e6e9c4554e9486049f98557cc796a894691385af58b7b99b24a3876
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188025b85ed40c3170b284da59422a3f8c9eaa0cd47623bfe2dcc7b265237e93
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1971669620c816f3e108dd8bb837684e0f1b4dd9fc64b6da69d952c92247e775
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
199ec7c131ddb67da5961993ac596c67d5c469a103afc39a18ad3aed49c6d11e
19e45f370bcabb1ef42b7dfa94381990a6e6d873370e7ca2e09a46f308634864
19f9276f53dbe297e9a198481caa8327ca36f3454c83853428ef025e16dbcf1b
1ae21ba8afe6488abcb750d2d03d74e42ca6a23ab656aa1c14eff557225ab3f0
1c1e1c3ae7f9b71951f0539bbea7738054c26fee2e896ebb54f253db765d4c84
1d07df5629c3cc6fad427d4cedfdcee994ee385259799dcdcff8b777286408bb
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e5c3eb06040a3eaf80ccf1649fd1c42a9f825d8b4c8b744da22577678ef8c70
1e7955f503aaea644d6591f86c10de9cae8e4f500f6daedae7612519b9b53174
1ec681300bf92d8a2d7a67a0e7b2dd7651ec4b35e5dcc67f180a4bacd0ed6937
1ec692c8a9db4c997eae04f7c26ff89dbc361942f87ca62cff545788d41b305c
1ed6c415b344591ee5808a4303d3ba55faa8756b866af9ccb7a76f389d45d41e
1f4230272b32273eff0b5ad9150013d9b782271e4ca6373c746e4c8d49290f6b
1f8eb63ec968bdc9a73d07a9b40f9914d28f7d68fc148a442e1b0a42fd7b9baf
218a0e66df0fb27c4f40d049edac29fff94b6af1cbc2ab06e8b81be00d913164
24ebce0e284caf3f71dbe84e79ad33042d6f0d819c65617dc8dc9abb2135331d
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
25941110a1b64f63cc8962779459344bae53929dca27f3094f45d64ad171bc28
26168261b96488292ea815558bdf42c2f32047e452aed9fafd44ea7278b564ee
26f57c0ae5e0d4facc35c59e72ff3455b016a42645e13c1eea628243ef9ad40d
27028933e1e20eef0e52c807f9d20f403c4cc7dcf54219b7e313cae96e7279bc
285fd62317c0b8d3e8bcb6ffd638cd922b10ac80122b725b7ecf648383f17323
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2b468c0684a4770f54be1f5655f7dde84914f98659c0943740e621e8528667ca
2c2c926075d207c230588ec2551061f3d08b72833958f87989b26ebd60cb0372
2ccbbf43514cefd19d0a54e14ced8fc6f332f96b39afbeb3d43b41180266c59e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
301650f635e6a3a92b8ecf8855f8bd3376411498d873718317ecb24e4b5358ce
3151f1220c63817a5f293f7a01d32cfe4066cc7af5fac2df7f073cc81b7e4757
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ac0e2d662ac17b7643e4118219024b8c3a86dd90305782542b8940143d0163
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329c2789eb97417e01bc0e1d94b5308fee029f7a088af41c93cd72f4755a79e6
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
36846467a1232f96f502b25fc37a3fb50360202f189e0e2520e920b68a455010
36a112f46433a6aa94207c5e827a9619ab9dd4890bc1d7c8f97f79364888f31e
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38ca0a38b5b6146ddae7b1be9393b2e8e967d57f7f9b7b33bcddd46e2fa61483
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
39d6835ee4b7c5b33295b8e6ca78c56ce6fbcf44d80e79d218d528a2453fb185
3adb2bccb2c243ede4816384e39e5ac7c27273fa573ba04a59efa171d96f6640
3b6240c1426c0aed0bedb4390ecc2c67b6da8e6b74e6bae03ad6c59374f8a62a
3ba5d6411c56f9f8499cd7de0ce4bd01214e09e5782686423dda721f01b4eee8
3be0e00c1bffdf5cfc2d61d8a79569bac7c2f7a187d628f6239b12ea7cdc728f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d7380dd96a8b87919129a9350fa06f0ce0bea63f622133f9ab48795cc4c1691
3da915c06275e9dbbd3ed95f532bd07a8cb66f189e41cdcc8bab1bcb25007da4
3e8ed004904982da9c027afc46c23b2ec1b1f0504b98e2f7f3278584c5e361ed
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412b546a52d1c7300e61502b17eb5636750f3d105d08b41f0d11cb1f8239fe44
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
4220460db38d6f83d385330923c8acadcaa289b3752a7f140ceb7c0720234e5d
4287c42dfa851c2d08b8fb73a4e43f11b7ba2cb30c924e70f52b5db171ec1edf
4344703c2e9d211cfd950a5b6fea61c1eae0a9b5f13b2aaeb7487f4ec3bd2ebb
459760e603c2aad2337c143eda84cbd823ed8c841cd5fa24e27309eb9635f4e5
45d8aeb983ccf7d5a10d2564dca995cac927794124d84980eb2f4ec88adaf154
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46dd7329fae693cad6f963d6003d0f43231df94b536c2bfa3c94f25671b9a5ed
47b8f65fcce2734f8881897d33271782dabe6a2b1e0e600027e3b4714df65739
47c0f34429804918e7d8e607dbfae15bd318038bed677f572c87abf263a74766
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ea5787f01c0678de86c7861e830f03a3163a2d3a25ddb8fe3b343725dfeabd
4943fcbefd5ada534396c2b994de0c62d30a1971c1c27056e17be2ddf2229d30
4a1c879bfeb262f4edd56b2cc9db0aa9fec1cf8920ce4903b69cf422aea3969a
4a61fe525a660e3e823d52dc9b2199d8c4204ad1df188d443042f7dc0dce5cc2
4b934bf659361398e91529639181af83a3f96aa8553a24d39e61d99e8b22c19b
4ba6e755468fab85c55eae54ac954178084ea241a28edbac2ebfb7f6357d594d
4c149496f26e28a392aa10b8ed472c8a797fe4ba642ed6a609a2bf8841cb2871
4d190eba56a70ceebc6f30127b9fc2e441601e159e6e6fc56eeaa47ee568670a
4d1dd3c6b168af6b774887c668b6d81ca18bad0ab82c1dfb49f6850f6b3709cd
4d2c2fe9af1897d7f9dc7da8bdae0940e0485b29c8d445aa34a6f691b732c0ad
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eeafa7e773c381337f58b0eb4dfe7579e0f3bb26df2dbf3a00cf209a057429c
4f2960e21fb329d75b82b0e597df85726d7118e8201366e520bf2abe21009d28
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f99cfcf453ddc38ef33adeab5c45b48b9d20f0d6c0ded3059acdd805c99d818
50b5e25c6ccabbfc1553fbdbdf2b098572e2d9aef37745468425e668d676b08c
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9
514d3e966ae3199042a367442b74190a66ea693b6eff710c33fefd9b99119eef
53cbc16be1f13fb5fee8429b52c9e7a8495935bfaaea29a0dc022010296cb85f
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
5429f05f2bca1b5d0e1c6de4c7f753ea097150966ab9708702906b64b188c20a
550a4d5afbb1c0c9e3dffbf761b2492cf113fc0214b088ec694f310b2277e07d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5608b0639585c425a4e3377ac9f9d987eea1c26d9cb12c1a1d7f46b4f5fdecb7
5724a0fd9b3da6877f562172332ca069d50e542fd28ea471c0c3d273e3293e86
5803cf9fff8491b4b53e3c974734604a2e7ef841325a7d16e8515f5e02fa0ce7
59b5fddb87ca80034316165d356657a6b3435bbdbd31e973262c6caa293249a4
5ae9c0ddff35324c67f97b394a0005ecc69389e2e07e71da27fe0028eee73495
5bf1df0f5a8b5e71529ac7e30f04f64ee11702641bf4a3dc730c83c7a573bf13
5c384008bdfeaa533aae168a9ebbdd7668354b462137e9ed35384a0d65ebf2e9
5c79925707272c212f7217569040807d4254b8b9ff370d0e663d125d17d77fca
5dc30f8cb224f1b80c51ce7cf49f5f37475bc92b400c71a9c228986334aa858b
5e58e54ffd565c483df9dad3c0b4c1825bdace681a26fb396308a9745e1ad0e4
5eb361e37d0302c7ad3690e0ee243dbbfdce1839dc389586c1e2a221a3190042
5ef7f7c3a855bfae0dbaf9d63878f16e50cb207733c945cc98599e9cba855e9c
5f7add0638c6207d7a84267735b9eed3fee3a68696e3ec755fafd5283db0b8f3
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6065cc42cf9789426f27a40563bc5c313b5ed33a7bc384c3ffaa0d047eb93ff2
608f457c002c417768aeafb1752c054f9dd891c8bc5636ad218ea953c29aa6fd
61043b4c772c40083f058e591a0cb3fe99614c16758565533145a766ecdab2fc
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
63fa4b43c8c07c94dbb86cccc468194eea36e69e9556bccd4471c2aaa076f8d7
64013cc8145a18e0c8cd0a3ae378f4d516f71c7335e5ab7f84aad5a8630b7e8c
654867dd09f61b351cfbd1bb6997c752a0184226a9ffb5d87d131f2ae8207bc6
66c456b606231cd84cd7408994f7f80580788b94e8e82ef2110dbe3cff907f49
68a60df4b87d559decd7f90cb124c5850a21a7e70de83fc4518589ea72cf1881
69bb259a78c94bdf806b086e9944d7c05ee23346e03f3abde1c8a848fd978f14
6a4b63c39d5a2746c94fe06cd2dd8ebc7f76b66c2bc423d5f0da630c9cd35090
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b11012df763480bcf7b9f083719705f0c83e4e687158dfb082f49736e8aedd0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c1e865ee34b8c4a738f3ead1190213fa4dda5ae85287e74ad27949e243af89d
6eb4cf4c6d6b648863405c9b0ece8f08300639c4874d19841913b6b50dc12d03
6f977e99004d2e8e564128cd5a002c4cd3d681bf8c6fe9100f81ab8c219c24f4
703019ff03c9dd0aee370e4a81f751ebdaf33ba01d8407b883a8fe209caba4c5
70ec0c14822b0ef04f3cea799cce88680cc3500083c9fd9d06145e05a1f4f50d
71163bc69ff5bf9cea6c1477ae6f7f7034ed805c2c8a85c296bf3900c8ff9a4e
71ddccf5ad2a834a802475f8dcdce1775829a2d8e7fab01f3f03ecf6494e3fe6
71ded45231c6729854590fc18eb1326a187887bfaf5e729e50f7f19878b4a039
7326d5162d6a55e0e61a0f1208ebd6f63664295b1726369a35ef5377f3d5e962
745d298c124bd38392bcef5d3d707004d15989870c3889a50cea881568b585eb
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
75b36825110d0c0737bcda9cd8bc1ccf37bfe4abd6dbfe0d78e604a6f8a90cba
77abdb936aada3ca73686a02b67c124685092907d35c6d2c9c7a189054fa8c1a
78016dcf3cc0dbc404bf2d29452efa67815d24fc050d9d1203570623a8fb62e0
7848ecb37eb785be48c3148db33fc388a483df51725196271812517acf07ded7
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a40c57d0e780b4e4a2b507814b76a6940c6051fd0d23b016339be7d4c841059
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7b7f6dd1c4351caf838aadd7b2972092d630a07a939f7832dd08c55ff9de00b4
7d3c95ed1ebc67ddd9731670bda6031cb505b886813d765b397eda9180c60edd
7d53c8301f65fb67c61645e1fe8e0960a7cbcf47e746baac07c91341aa40d436
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7d998fb54196874a655aefd9dff360558af81c3f854b3f2af47660d990a5e3d5
7e83bdbd9885eccc415e416868155c2b5abb8adb024e01cc7ce8201a1b8be84b
7e8eeff690401dd0378cbff5a174486e70beb94c55fb21cc8d53e9e2ed987880
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc
7fc0e7b993278da0c73e168a0d685b16cdb99f36de7785d9de363c58307bf4cc
7fd71ff96c2f5347f15fe8e5ebe145b29c04fd12d8eccd60956ceec0827d94a5
800ffb0c3649308cb18b434a52318abd6bbfdce908a3c5c3867aba4877c953f9
82d1a7029b008266e3a0c3f95daa6c22d02f014a0e866fd38e8bc18b3890b99b
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847aa713d95891bc3303368bf4649be8699d5f7a4d72a70aeb4ebc43a51b568f
864396c3d65e948b66dbc5c393afd266f207bdd8c859e69640d06f311b2f0ed1
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
891d2108b46ddcc676d7980b1957a27c137cfedba7ccc9548ddf237b914883ff
89cf4aa7bf7e80c5a8b4b217e47e3c2533ce424ea56633078808022e9fe6bba5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b075e2b402801e3bc84ffd15fa18f2d30715c11f83cc5a85e3a52b5a79da5ba
8b145e77cb29d4743a5beb0959604f57f19ae1bf34f3f250e8cab3ee38dc82d2
8b4cc2e01d30a70efd51e90081015ca2ba5e336bfe441113192062c890661a0c
8cb7cf2195fe888dced2a3242b6c7051e59255af63595a34e76ae42d291fd763
8ccff04baf1f9c6a32d5a7c50f4b8ab0fe71e1957f6dc700eefef163c5579255
8ed183c5e083f96bd47253d3d276b16dbafcecd2184af354be608a2e9854280e
8f1cfc02cb95103ce088d49e98ba6dfa4eaadb10fe50939f8b0cbca742a0802f
8f3347564b1cf14fc65eb1d66b2e0941a735c0c81a837f50bd715bed98e451c7
90205108702e1cc977dfe61bfed8b651145ea4a4c2874c79c622d223a4b41836
905b0132b58d5da3f804dbafbc6eaaaed5241d1d4773a580ce12db6628c5effc
90b5da434bb6f73819b12c820428225aa8a4ee7f161f37bddd81cabed059c67b
90ce667f750a9e163eab1a595468b5794f0d5fb56133b611da1399861dba3086
91411b5954162a3763020415863fec17438020e287ec1822dd99bbf07e6cf991
91746364c402e86202a711c262fba3bba6da76c25c1f3ecf5835207520fcb1ad
92463b9d2cd139c4a84d9e0a7c4bdb6a2f6623eb7e0fe6614afbfc441e94fd99
937ef23013bea5f66b0b225b0f07ebeabd61ea8e3c916cc83a182e4f1897558a
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
955048e735d70910b09573a2cd2a338e328f56a402836203915811809a755b79
95628f1f9076cd20be6e0cedd3915cfb79e0f0eea48aac79e9aa7f64fc5873cf
959c4a6e8dfad550cd19782dba1b1da6b53dd77c09d49596fd677df79530f1a1
964ca71c069ccd8d603944693464d5c0ac56e547d94d804016db89585a094c82
96e832d90b170692b585a04dbafbc08fbf446308af5221b817e3967e409f7677
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4c4704d298180a33b96a8885a8fdf00839321d70b5bc698c55cb13839f34ab
9a8270ba05b239e0f06e1a54f554852d097471d4b3568750045dfbad5b63ccaa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af73bad8550ce4999a7e00775bce7b84d4db635c6fbea7d3bc991053f112e24
9bc0ba72a920e9715634b081c08ae20e167ec3be8082194392c4bbacabef7579
9ccff72abec4cebcf89efafdb43a6fbee38f2287222558e5af4f40d1d6f9ab10
9d44c04da1087e1be35a57ee5c975dc715c1aa92c31fd0233b3f7cd7014f1dcb
9d6d052075be7dd638db66fa95d19201d9c75512a67f4d5f57ca6bacd18a954a
9e4cde697e3ba7d10291c9a725c83d760576cbfb30aaf21d6f8aa008f1befdde
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06c3d74c6202b70677d1c15c168d28e3717ea2f1a5efb18427bc5825205c249
a0bb12bc1cb0dd34d2c3db06e0e376e55d14453983513e9670973e39ea2b7f65
a0d0afd4cea9e299b444861fca63d7ca055240671485c59da6d32eef2dcaa42e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a21cf24188244a6587b50e7d15e9941c48b2b966749e6c35d678950035c9f387
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a27f8b4e9b63cede49f00dc44fe2bb7f8952278d6db4fa9bc47f722377c2753e
a2bf4b4e25781d6d296be7e589cf42417d485a408aa320a9b300ce2e2e21a7bd
a41bd7159c8860f14829ed9beb02a24e7946983e5ab1ab81bf8924e87b341561
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6fa7d628da2963f9abaef4541a28d5cbabd9f824d6e643bcb0ed9eaaf8ff944
a7ba05bf1c9a7887b4032d876a6a4a12dcc739f3210b6a13ddeea309cf9bdf2d
a89ab75ae87833a39ba37958073b8d79c5ed946d3d47b922402e9deda3f4df39
a8faa48443f29a615bc1e2d01bdfad40c6899aaaab29a7d6f96e31fd962f8836
a95eebd3e069c109f82214724fac3cbd9e0a09071fb20ccf270c2bbb2e57a93c
aad7616a1ae7320c5f0a52235beafc7340a569d01c47ab0ab18b4817b8c2c263
ab32dd751409fe5f15dbd24ca6468769904165f041b6c52ab01a48f6109d0332
ac673a6aaa230bacab0226a2c3e40f6f4beaf1f47f5f5833ce0efc2bded1a4e7
ae6c4eb375a9a08f2c21183d6857943c7762e78c45c185670d4a5cc17fabfb57
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b082e03f6c8051c09aaf347c0b637db91d38caf3df067d126e8e09dfa3abf6e9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1986582274a76476e07d2ee9f5899ae14e961e7aa7293fbd322c6e48efdbcd7
b236aea82ac2205b60e11db45cbf44fad9115315e12f4c742eb306ce9dfce726
b282e040bcc537c8512e04bd12836aea4bd7ddf4948c560f57f5501726ac3554
b2e8e12c2a37c4ce2594ba4e4779ca7d26f5e053d14525ac2e31adeaa977dc39
b3c5ed5fd477a4a8faf9f047c18714c3220ef3d420a5ff283cc5d88e1590dfda
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b43a10f713cb2d2ec122925459ef31e8c8ba242e193619c8251bc670eb11a54f
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b6ec190ec47bda2898ccef061edc9f2e18c1d7fec89fb6c627959281219e8176
b8f02caee56bb1393684377933784167af4f39139fae157247c8837be6c0eb7a
b9cbd47c7cbe5fd558dec943451bb26ca533ad2fb274fd07652b2f8b7a1f74de
ba30cd176de6d80ea9d0d8732ec4a4d0e09be5ca149e1b418feb9c7ee859978a
ba7fe154ebeb81b67989350855db8fd8b9fada6ac40bb4fcacf5996929dc9165
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb836331fe0a3d9389f632440a016296ae78df6a82a201728cb8d77d268bdb38
bba1b7fc7dd3e23e4413b4ce0c33462aa68fdfeaae42c8bbc01fc28748fdb356
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bfcdc5bb514538c16b96948274609c06a933ee0f19dd90e3086f887a7df0e79b
c02ccf4ffd38f6e1602a17e22029a37e1827a19cc5b202d5268c4f9c9336a38d
c15de2b5340a556c099e0154a767d50bd42c3713fe89bd5c2369def7d93767bf
c1a3fc113d488384b30145d568964ac74587123e78ca73f049f6d87f14ec1aef
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c239366e2ad0e4d8f8a610a5d0df5eb233afaf6e51d4c6afcd56bec0f29a55f4
c396e888895ca520e3f55745579ccff4f78073ae20e192ba53c68c6664b6a338
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
c42f5d8493591ebac06e89b38d92e79d04fe618bf35f1260dfb355310a1068e5
c46ebca5ed6f3ed92dd8f601e4829719f52d648579a6ea43f682db7c5d643072
c4e289dff1fe4ec2325af000d36b982b7921754a56ab0ea4b4e5ac5a26fc0696
c6495519c43cfcc35288071e3a44562329d08c3e9d4436638fc8c21ae166675b
c66013cda2311853afac3fb10ca1e7bec5f583d26cfd6eaf8a2a87a610072d05
c6fd0a6857efb7a8b30f34aeb52310fbb3f86fe87488fa60800f92420cd72618
c70acd6df4688836582d1122b88dc7eaeb9be4e903ae1c9caa322da003395afc
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c79ce95c69a5cd8c22dd3de01ba27d485dd0328a41d6dcfe86a9dcd2781477a8
c96243483fe1107223c07f837885d057ec2b7515e349bd51523ab2ef6666bf43
c99eeb0ffc836cfbaf142f6a4cc3efcb826d3c112d52bbaa079cc982b773bc1a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7c9529200b9f8f67c483b219880549e83fd8fe424775799b5f427f353b22dc
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc424c2b2415fd6bd6f5549630ecd0fdfed5ed40dc9cffe4208c4be8803a5fbf
cc765c2c6c219c6082e91d06ddf23142ebe46f856560a0deda8f04f1c7f03691
ccd9f2624f6e873926fdb49f2b94869b12b549c8e955ce8444f608e71e640434
cece4b4750359db41742b2d940c82e6becd8ddede05bb5526fcf3c41aeb745ad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfadb856e85534f7724aa633267d37b3fb272cc18f7abae220019895a6768867
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
cfecd448a2f4010488e30d34344aa392d31a6533e980f98aac0ccbd9b4e36cdf
d02e0b4076f1ae7e103572219aac8ee3932d4bc45119669ec3b01958600d4a5c
d06c7bc1373c95dc27de8b849f8da7248a983fa8ddf1d9c59a2d1cc9c0b207fb
d0caf6ce9f9dcab483bbd5f2b916786afa4765b0e4eca7f6dcd9f98c6d1e7e0d
d0eea652dd20ae3c690f06a7c796a49cbd521f04494f17f2ab4b62ecb2e3bd3d
d18e4c9257743b884550056599fd804fcfe96ea4b1267a5b58dfafee3ec1b50c
d1b3b08263cd160f119b53ce6ea8a44822edb51ee16af4155a6245b917db178f
d1b6eb8437fad9436f32d7af5533e5e259901cf66d569ccc3b56e9bfc1db6fdd
d1f99d61327c68d970edb4b7c0306afa20f034ed56f82496e154dae045c83fa1
d227fc8d96c990b39a45dcc150fd5865c7eea4bcba1993e5c0d697ef18186017
d2c2161d216b3f6f05411fb2ae1c43a501c51f1763c450326757baad4af344ca
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d37752edff803410d5d34303f4a550f1874afcfb003cfde0da8988bad8fa73e4
d4743991cdbb215c7ca0a2c4f73731132afb1e9b0130ded7efe23c0906882836
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d69f268036b3545e930a8b74711a739e7e973debc9bd006841cbd2a558b44432
d70ff8fc5ce0251d275f9360426ba9fa7a84f74274676abe0271a0ca43fe931b
d74ba02d83d6d3127ed46021227e625e2e097c5aecb097a183e9a07a03104d76
d80a783d7f0b7430b54575ce10d3cb538b602a9a08b4a9dc50b840cf251ec75c
d820f07de3581d48a6d0abc35ec099dc89baa01ab930c8962288566f98c06ae1
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
da86bd7152e642596635cc8a1dff6472589807b284a613c544dfdf5f8eea0490
dc23d4f7bfdc55133576a87aef3892601381d9d724aea639c53d6f896a82588f
dc9b9e9735d3620722247b3e0e02d8dc432a252acbade9af3a81146feefb7085
dc9b9f50d84004d050c7d2e03d7448c3c80970e538d48b6913cffde4931f07c8
dd0a2899442babd62a414f2bd417e15ed8224ac627c2ca6683787a74584040eb
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
ddd5f4997df8fe2ccb85226344096e4cb1c0d04d2b6acd49b4d2c416163dcf45
de00e51d7658c9365355cbe6c6c2ac174c3e23453f60ca93e452d86951cbcff3
de97601ce6741b820d53a4d10c0bd3e23eef58fe9cb7e5105d046fa023343731
df268b78ee36469f79dd175a880835560b3b8812262e2611a12cf6cf676e4cbd
df950ce0b03bf8be917e11b3085a5f51e5291d77100b6ae717d5ce3f4e14a21d
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e09ed6b90ea7e38a34195ce97def0158471006fc7c50dbacfcb4d96b3d4eb7bf
e2fcf5e55b78e1a420c535587437e96998c57a88507cbce21f7ca95c1527e140
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e495cf67a02f9ad05bf3383f48c0a421c799d957dc6f645ea7d5f19698eecb34
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6aa7d6173d58dc7930b30df1453ec7da8c039dc42a5280b31550b2935f59951
e7008a089333e09fea421baf591490659d62eea683e92ac1f6b5603fef8fed60
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e7d5f5af1c441c50930e0cdfb31c81852f060da90881fed41756e7fccb3fc569
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
e993b065ce2b946688eef1341f0b28db3b9b93d6f1bd609a37166abb077ade30
e9d69c8a4ec73cdebe7034660a800df22e019b0d39bc2bef3f68f94bcddc321f
e9e81efc856f66a33ff45c199b47b90901d3257c7fad177816870c892e7acc1a
ea29de266e7016f213d7b97ce84c21f264f8b7d203273fb368821b17effa0788
eb5036284f78857aa2ef1791f9cc736b071928a8c0d6c011f33f2bbfd4a47ee6
eb69d71a4b9708997f84e641a926a82ea92f1a716b3eb1e7cf1ee6fedbb9d08a
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eed74ff0aa65a790c2fe4f86fb1070ad270a6cad8553ce490788a976d6ff0c6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3eda8c428c6068d99d069a0ec24e49e3c6d68d4f273223a4846ef5f7dcc759
ef41212a278b695b42d60b2ab9423983c102297349d13439c5e13abeb3c2aa01
f018e20958bbb2520aad8f06225ae5763587db3500a4c0379679beb785357c3a
f09d8801db1f96c2758655ca4675b62e5ff649fd736bef36396c9bdcdcf57cf0
f13aaab9b9256f8a6d165a3859caa215521202acd72145c90b16035e26de969e
f13ebf8aa6a052331161b451e28161436db794f4c6709caf4dfe1a2ba3ca7363
f17fe415b91a13ea86b93344389e18c996384323ca3c2f4267b18c96b8314a12
f1f7b44bca6fa1be603ce2616c3a100f43ad9c5bbb2527a645326065b43c3dfa
f21d2da86841eef4c55602a692440536771156c16f1305ffb93deb214b371d52
f232a1e3d2e7077142d07486b2583be2168b22af1ee9ab639dc361a75e79125c
f378a8adc90da1f4b8f6d36ec39dc87ac267fc43d765e3b3cfe7597f87510350
f4961a18ce15e6ac3cc8a3583a62b84118879492071f3501e6a57fee6b89cf96
f49b154dca92f90c7e949fbcf2accbefc5850e0532b31533dc9983ae7d9ca34e
f5226aeea6d61d1ce536482f83567a6114cad48f51847c1e964f73a1a97e48fd
f9f2d2b213cf8c2e24388bcbdd96a151af1320bb4a29555d85b878ad29ec8dc5
facbb9d2a1e30a85a089c59276bbbf78a9ed98230020a76c873cee3a4d51741c
fb5a12af021931567eb06bfe3c613f4a0e0bf2a3ba6ecfb008286b9114b5cda7
fcf5b4508f90e7eb82bc48119b7f5a534672e6fdc2c3e81f29880aba9fbebdaa
fd7ca25e7923a6a619fdd1b9bb559c22cec81e33de92d44c1200a2511393c207
fe87433fa1130af12f23ff8ecc0fc3dd20d3d3f82bacbaca450b708467965cda