Submitted URL: https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5l...
Effective URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sancti...
Submission: On September 29 via api from US — Scanned from DE

Summary

This website contacted 146 IPs in 13 countries across 120 domains to perform 662 HTTP transactions. The main IP is 192.0.66.32, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is nypost.com. The Cisco Umbrella rank of the primary domain is 14262.
TLS certificate: Issued by R3 on September 22nd 2023. Valid for: 3 months.
This is the only time nypost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
95 192.0.66.32 2635 (AUTOMATTIC)
13 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
4 2a02:26f0:710... 20940 (AKAMAI-ASN1)
3 108.138.7.19 16509 (AMAZON-02)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 2600:9000:262... 16509 (AMAZON-02)
4 151.101.194.132 54113 (FASTLY)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 5 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2600:9000:20a... 16509 (AMAZON-02)
1 143.204.98.114 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
1 142.250.186.130 15169 (GOOGLE)
4 2600:1901:0:7... 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
3 52.222.174.111 16509 (AMAZON-02)
40 108.138.7.85 16509 (AMAZON-02)
2 108.156.60.10 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 23.212.88.20 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
5 130.211.23.194 15169 (GOOGLE)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
3 142.250.186.102 15169 (GOOGLE)
1 34.36.206.170 396982 (GOOGLE-CL...)
1 13.225.78.6 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 44.206.181.145 14618 (AMAZON-AES)
1 34.110.220.19 396982 (GOOGLE-CL...)
21 18.173.154.9 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2600:9000:26d... 16509 (AMAZON-02)
12 45.133.44.3 39572 (ADVANCEDH...)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:710... 20940 (AKAMAI-ASN1)
6 44.219.93.175 14618 (AMAZON-AES)
1 1 2600:9000:20c... 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
6 23.53.42.130 20940 (AKAMAI-ASN1)
8 45.133.44.4 39572 (ADVANCEDH...)
9 99.84.87.107 16509 (AMAZON-02)
10 2a0c:5c87:523... 55081 (24SHELLS)
2 44.218.84.96 14618 (AMAZON-AES)
10 3.89.18.112 14618 (AMAZON-AES)
3 18.238.243.114 16509 (AMAZON-02)
3 18.173.191.32 16509 (AMAZON-02)
11 216.52.2.39 32475 (SINGLEHOP...)
8 23.32.184.192 16625 (AKAMAI-AS)
4 51.89.9.253 16276 (OVH)
5 145.40.97.66 54825 (PACKET)
9 11 185.89.211.12 29990 (ASN-APPNEX)
18 185.239.172.77 55081 (24SHELLS)
3 98.98.134.241 21859 (ZEN-ECN)
11 11 46.228.174.117 56396 (AMOBEE)
4 4 46.228.164.11 56396 (AMOBEE)
6 19 104.18.26.193 13335 (CLOUDFLAR...)
2 35.186.253.211 15169 (GOOGLE)
2 2 2606:4700:10:... 13335 (CLOUDFLAR...)
8 184.30.211.26 16625 (AKAMAI-AS)
2 108.138.36.46 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
8 2a0c:5c87:524... 55081 (24SHELLS)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 5 185.64.190.78 62713 (AS-PUBMATIC)
1 3 54.77.82.203 16509 (AMAZON-02)
1 1 23.201.255.110 16625 (AKAMAI-AS)
6 184.30.22.30 16625 (AKAMAI-AS)
8 9 2.16.238.158 20940 (AKAMAI-ASN1)
2 2 35.244.159.8 15169 (GOOGLE)
1 107.20.23.69 14618 (AMAZON-AES)
9 108.59.7.241 30633 (LEASEWEB-...)
1 3.210.64.86 14618 (AMAZON-AES)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
9 35.71.131.137 16509 (AMAZON-02)
10 10 216.58.206.34 15169 (GOOGLE)
1 2 52.46.130.91 16509 (AMAZON-02)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
2 2 3.69.181.181 16509 (AMAZON-02)
2 5 52.59.55.175 16509 (AMAZON-02)
1 2 185.86.139.93 201081 (SMARTADSE...)
1 178.250.7.11 44788 (ASN-CRITE...)
2 4 67.220.226.233 16509 (AMAZON-02)
2 2 2620:116:800d... 16509 (AMAZON-02)
8 198.47.127.205 62713 (AS-PUBMATIC)
8 185.64.191.210 62713 (AS-PUBMATIC)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
2 2 31.172.81.159 44066 (DE-FIRSTC...)
1 1 54.159.101.13 14618 (AMAZON-AES)
2 3 151.101.194.49 54113 (FASTLY)
1 35.214.145.249 15169 (GOOGLE)
6 6 52.208.155.163 16509 (AMAZON-02)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 63.251.232.165 32475 (SINGLEHOP...)
1 1 82.145.213.8 39832 (NO-OPERA)
1 35.186.193.173 15169 (GOOGLE)
1 1 193.0.160.130 54312 (ROCKETFUEL)
2 2 213.155.156.184 1299 (TWELVE99 ...)
1 34.102.163.6 396982 (GOOGLE-CL...)
1 195.5.165.20 44968 (IPROM-AS)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 52.51.213.166 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 2 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.197.82.124 14618 (AMAZON-AES)
3 5 37.157.5.84 198622 (ADFORM)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
2 3 3.71.149.231 16509 (AMAZON-02)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 134.122.57.34 14061 (DIGITALOC...)
5 18.173.187.64 16509 (AMAZON-02)
2 54.217.141.48 16509 (AMAZON-02)
5 18.185.4.235 16509 (AMAZON-02)
3 185.64.189.112 62713 (AS-PUBMATIC)
4 185.255.84.151 200271 (IGUANE-)
4 185.89.210.46 29990 (ASN-APPNEX)
4 185.86.138.121 201081 (SMARTADSE...)
13 2602:803:c003... 26667 (RUBICONPR...)
3 2a02:2638:3::7 44788 (ASN-CRITE...)
2 34.120.63.153 396982 (GOOGLE-CL...)
2 185.184.8.90 204995 (RTB-HOUSE...)
6 46.228.174.115 56396 (AMOBEE)
2 52.58.77.4 16509 (AMAZON-02)
2 4 193.3.178.3 399668 (E-PLANNING-)
1 185.106.140.18 7979 (SERVERS-COM)
1 2 37.157.3.20 198622 (ADFORM)
3 69.173.144.165 26667 (RUBICONPR...)
2 185.86.139.96 201081 (SMARTADSE...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 23.19.226.131 396362 (LEASEWEB-...)
2 198.47.127.20 62713 (AS-PUBMATIC)
6 2a02:2638:d::2 44788 (ASN-CRITE...)
1 1 141.94.240.141 16276 (OVH)
2 2 141.94.171.212 16276 (OVH)
1 23.88.86.2 24940 (HETZNER-AS)
1 22 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
2 2 141.94.170.64 16276 (OVH)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
8 2a02:2638:d::d 44788 (ASN-CRITE...)
10 162.19.138.116 16276 (OVH)
5 52.18.182.246 16509 (AMAZON-02)
2 104.18.24.18 13335 (CLOUDFLAR...)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 130.211.16.136 15169 (GOOGLE)
2 76.223.111.18 16509 (AMAZON-02)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
1 2a04:4e42:400... 54113 (FASTLY)
1 1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 34.241.182.209 16509 (AMAZON-02)
1 34.254.143.3 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 185.15.245.82 24961 (MYLOC-AS ...)
1 1 54.154.110.236 16509 (AMAZON-02)
1 34.160.236.64 15169 (GOOGLE)
2 18.203.183.215 16509 (AMAZON-02)
1 1 34.231.224.57 14618 (AMAZON-AES)
1 2.23.197.190 16625 (AKAMAI-AS)
2 2 52.16.240.14 16509 (AMAZON-02)
2 69.173.144.139 26667 (RUBICONPR...)
5 162.19.138.119 16276 (OVH)
8 169.197.150.7 398989 (DEEPINTENT)
1 1 8.2.110.113 46636 (NATCOWEB)
5 209.192.201.180 ()
1 34.120.133.55 396982 (GOOGLE-CL...)
1 69.173.144.137 26667 (RUBICONPR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:6ea0:c70... ()
1 2a02:6ea0:c70... ()
662 146
Apex Domain
Subdomains
Transfer
101 nypost.com
nypost.com — Cisco Umbrella Rank: 14262
zephr-v4.nypost.com — Cisco Umbrella Rank: 37422
pbcs.nypost.com — Cisco Umbrella Rank: 36770
nid.nypost.com — Cisco Umbrella Rank: 63874
sac.nypost.com — Cisco Umbrella Rank: 32926
2 MB
73 spot.im
launcher.spot.im — Cisco Umbrella Rank: 7039
direct-events-collector.spot.im — Cisco Umbrella Rank: 6129
static-cdn.spot.im — Cisco Umbrella Rank: 6022
publisher-assets.spot.im — Cisco Umbrella Rank: 6358
open-api.spot.im — Cisco Umbrella Rank: 14906
api-2-0.spot.im — Cisco Umbrella Rank: 3664
pix.spot.im — Cisco Umbrella Rank: 6447
images.spot.im — Cisco Umbrella Rank: 9661
900 KB
34 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 837
image6.pubmatic.com — Cisco Umbrella Rank: 1171
image2.pubmatic.com — Cisco Umbrella Rank: 1547
simage2.pubmatic.com — Cisco Umbrella Rank: 1265
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 840
simage4.pubmatic.com — Cisco Umbrella Rank: 1746
69 KB
28 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 8872
sync.adtelligent.com — Cisco Umbrella Rank: 4457
ghb.adtelligent.com — Cisco Umbrella Rank: 7086
ghb1.adtelligent.com — Cisco Umbrella Rank: 10578
211 KB
26 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1537
eus.rubiconproject.com — Cisco Umbrella Rank: 916
fastlane.rubiconproject.com — Cisco Umbrella Rank: 784
token.rubiconproject.com — Cisco Umbrella Rank: 764
pixel.rubiconproject.com — Cisco Umbrella Rank: 649
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1314
46 KB
24 spotim.market
player.spotim.market — Cisco Umbrella Rank: 9384
ghb.spotim.market — Cisco Umbrella Rank: 10940
sync.spotim.market — Cisco Umbrella Rank: 4005
396 KB
24 ex.co
player.ex.co — Cisco Umbrella Rank: 15670
collector.ex.co — Cisco Umbrella Rank: 15087
mcd-playlist.ex.co — Cisco Umbrella Rank: 35002
cdn.ex.co — Cisco Umbrella Rank: 16816
sync.ex.co
gpv.ex.co — Cisco Umbrella Rank: 18167
large-img.ex.co — Cisco Umbrella Rank: 88274
501 KB
22 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 4098
spl.zeotap.com — Cisco Umbrella Rank: 3966
7 KB
21 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 404
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 945
aax.amazon-adsystem.com — Cisco Umbrella Rank: 541
s.amazon-adsystem.com — Cisco Umbrella Rank: 429
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1066
216 KB
19 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026
htlb.casalemedia.com — Cisco Umbrella Rank: 803
ssum.casalemedia.com
14 KB
18 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
ad.doubleclick.net — Cisco Umbrella Rank: 180
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
cm.g.doubleclick.net — Cisco Umbrella Rank: 329
323 KB
13 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1393
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1398
sync.crwdcntrl.net — Cisco Umbrella Rank: 1377
id.crwdcntrl.net — Cisco Umbrella Rank: 3750
27 KB
13 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 635
309 KB
12 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 910
bidder.criteo.com — Cisco Umbrella Rank: 949
gum.criteo.com — Cisco Umbrella Rank: 640
2 KB
12 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1223
id5-sync.com — Cisco Umbrella Rank: 687
68 KB
12 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2710
track1.aniview.com — Cisco Umbrella Rank: 2842
go1.aniview.com — Cisco Umbrella Rank: 7540
279 KB
11 channelexco.com
p.channelexco.com — Cisco Umbrella Rank: 17667
s-13.channelexco.com — Cisco Umbrella Rank: 133602
e.channelexco.com — Cisco Umbrella Rank: 16532
38 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 360
secure.adnxs.com — Cisco Umbrella Rank: 806
8 KB
11 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1012
2 KB
10 btloader.com
btloader.com — Cisco Umbrella Rank: 1773
api.btloader.com — Cisco Umbrella Rank: 1917
21 KB
9 deepintent.com
cdn.deepintent.com — Cisco Umbrella Rank: 11452
match.deepintent.com — Cisco Umbrella Rank: 1610
3 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 637
2 KB
9 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 919
7 KB
9 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2128
targeting.unrulymedia.com — Cisco Umbrella Rank: 1375
2 KB
9 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1363
assets.a-mo.net — Cisco Umbrella Rank: 2804
2 KB
8 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1096
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 1011
prg.smartadserver.com — Cisco Umbrella Rank: 2163
www9.smartadserver.com — Cisco Umbrella Rank: 14450
4 KB
8 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1662
208 KB
8 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 933
4 KB
7 adform.net
dmp.adform.net — Cisco Umbrella Rank: 4243
c1.adform.net — Cisco Umbrella Rank: 954
adx.adform.net — Cisco Umbrella Rank: 3884
cm.adform.net
4 KB
6 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
175 KB
6 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 14784
user-sync.adxpremium.services
6 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 950
3 KB
6 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 2688
500 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com Failed
423 KB
6 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1963
3 KB
5 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1313
2 KB
5 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1680
767 B
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 509
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 783
cms.analytics.yahoo.com — Cisco Umbrella Rank: 2484
2 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 614
1 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 1059
p.typekit.net — Cisco Umbrella Rank: 1428
55 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 802
2 KB
4 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 18527
pixel.onaudience.com — Cisco Umbrella Rank: 3680
2 KB
4 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 8725
2 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 970
eb2.3lift.com — Cisco Umbrella Rank: 713
1 KB
4 adnxs-simple.com
ib.adnxs-simple.com — Cisco Umbrella Rank: 8970
3 KB
4 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4473
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3797
3 KB
4 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 18714
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30144
1 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1029
u.openx.net — Cisco Umbrella Rank: 1024
1016 B
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 1432
2 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1153
4 google.com
www.google.com — Cisco Umbrella Rank: 11
30 KB
4 rebelhen.com
rebelhen.com — Cisco Umbrella Rank: 36996
27 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1035
usermatch.krxd.net — Cisco Umbrella Rank: 2755
940 B
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1237
1 KB
3 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 4376
dmp.v.fwmrm.net — Cisco Umbrella Rank: 20557
2 KB
3 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4264
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 5593
889 B
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2364
a.ad.gt — Cisco Umbrella Rank: 2797
4 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186
561 B
3 media.net
warp.media.net — Cisco Umbrella Rank: 3467
prebid.media.net — Cisco Umbrella Rank: 1975
38 KB
2 vidoomy.com
vid.vidoomy.com
vpaid.vidoomy.com
19 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
14 KB
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 657
355 KB
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 49233
427 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 319
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1069
3 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 2139
1 KB
2 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7041
345 B
2 postrelease.com
exchange.postrelease.com — Cisco Umbrella Rank: 6899
777 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1332
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1469
s.tribalfusion.com — Cisco Umbrella Rank: 3247
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 7132
562 B
2 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 5981
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164
1 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1260
1 KB
2 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2416
19 KB
2 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 6028
262 B
2 medocdn.com
p.medocdn.com — Cisco Umbrella Rank: 50099
38 KB
2 flourstech.com
p.flourstech.com — Cisco Umbrella Rank: 115348
38 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
174 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3500
pixel.wp.com — Cisco Umbrella Rank: 3212
3 KB
2 flipboard.com
cdn.flipboard.com — Cisco Umbrella Rank: 16041
4 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 958
546 B
2 illicitedge.com
info.illicitedge.com
5 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 408
17 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1465
249 B
1 ck-ie.com
as.ck-ie.com — Cisco Umbrella Rank: 13380
484 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 1088
145 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 2038
213 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 936
532 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 18886
84 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 121654
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 10313
324 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 907
203 B
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 18621
3 KB
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 5800
463 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 11001
1 erne.co
green.erne.co — Cisco Umbrella Rank: 27364
412 B
1 sascdn.com
creatives.sascdn.com — Cisco Umbrella Rank: 18195
388 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3359
555 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 8195
279 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 5404
482 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1417
795 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 7500
359 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2169
553 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 2200
283 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 957
705 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1499
91 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1241
1 KB
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2779
424 B
1 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 5199
365 B
1 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 4247
159 KB
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 3185
453 B
1 google.de
www.google.de — Cisco Umbrella Rank: 3974
455 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 851
482 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 178
19 KB
1 videoplayerhub.com
nypost-com.videoplayerhub.com — Cisco Umbrella Rank: 37004
460 B
0 richaudience.com Failed
sync.richaudience.com Failed
0 tidaltv.com Failed
sync.tidaltv.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
662 120
Domain Requested by
95 nypost.com info.illicitedge.com
nypost.com
40 static-cdn.spot.im launcher.spot.im
static-cdn.spot.im
nypost.com
21 api-2-0.spot.im static-cdn.spot.im
17 mwzeom.zeotap.com nypost.com
spl.zeotap.com
13 fastlane.rubiconproject.com player.spotim.market
13 cdn.cookielaw.org nypost.com
cdn.cookielaw.org
11 ap.lijit.com rumcdn.geoedge.be
nypost.com
player.spotim.market
adxbid.info
10 id5-sync.com player.adtelligent.com
player.spotim.market
cdn.ex.co
10 cm.g.doubleclick.net 10 redirects
10 sync.adtelligent.com nypost.com
player.spotim.market
ads.pubmatic.com
10 ssum-sec.casalemedia.com 4 redirects nypost.com
player.spotim.market
cdn.ex.co
ssum-sec.casalemedia.com
js-sec.indexww.com
10 ib.adnxs.com 8 redirects spl.zeotap.com
cdn.ex.co
10 sync.ex.co cdn.ex.co
nypost.com
ssum-sec.casalemedia.com
ads.stickyadstv.com
ads.pubmatic.com
9 match.adsrvr.org ssum-sec.casalemedia.com
nypost.com
ads.stickyadstv.com
ads.pubmatic.com
player.spotim.market
spl.zeotap.com
cdn.ex.co
9 ads.stickyadstv.com 8 redirects cdn.ex.co
9 c.amazon-adsystem.com player.spotim.market
c.amazon-adsystem.com
cdn.ex.co
8 match.deepintent.com cdn.deepintent.com
8 gum.criteo.com player.adtelligent.com
player.spotim.market
8 simage2.pubmatic.com ads.pubmatic.com
nypost.com
8 image2.pubmatic.com ads.pubmatic.com
nypost.com
8 p.channelexco.com cdn.ex.co
8 ghb.adtelligent.com p.flourstech.com
p.medocdn.com
player.spotim.market
8 secure.cdn.fastclick.net rumcdn.geoedge.be
secure.cdn.fastclick.net
8 sync.1rx.io 8 redirects
8 sync.spotim.market rumcdn.geoedge.be
prebid.a-mo.net
player.spotim.market
8 ads.pubmatic.com rumcdn.geoedge.be
cdn.ex.co
nypost.com
player.spotim.market
adxbid.info
8 ghb.spotim.market player.spotim.market
8 player.adtelligent.com player.spotim.market
p.flourstech.com
p.medocdn.com
player.adtelligent.com
8 player.spotim.market info.illicitedge.com
rumcdn.geoedge.be
6 static.criteo.net player.spotim.market
static.criteo.net
player.adtelligent.com
6 targeting.unrulymedia.com player.spotim.market
cdn.ex.co
6 match.prod.bidr.io 6 redirects
6 eus.rubiconproject.com cdn.ex.co
eus.rubiconproject.com
player.spotim.market
6 track1.aniview.com nypost.com
player.aniview.com
6 rumcdn.geoedge.be static-cdn.spot.im
rumcdn.geoedge.be
player.spotim.market
6 ad-delivery.net nypost.com
c.aaxads.com
5 user-sync.adxpremium.services adxbid.info
ads.pubmatic.com
5 lb.eu-1-id5-sync.com player.adtelligent.com
player.spotim.market
cdn.ex.co
5 id.crwdcntrl.net player.adtelligent.com
player.spotim.market
cdn.ex.co
5 spl.zeotap.com 1 redirects player.adtelligent.com
spl.zeotap.com
5 htlb.casalemedia.com player.spotim.market
cdn.ex.co
5 btlr.sharethrough.com player.spotim.market
cdn.ex.co
5 images.spot.im nypost.com
5 x.bidswitch.net 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
spl.zeotap.com
5 image6.pubmatic.com 1 redirects ads.pubmatic.com
spl.zeotap.com
5 prebid.a-mo.net rumcdn.geoedge.be
player.adtelligent.com
player.spotim.market
5 api.btloader.com nypost-com.videoplayerhub.com
c.aaxads.com
5 btloader.com 2 redirects nypost.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 pbjs.e-planning.net 2 redirects nypost.com
4 prg.smartadserver.com player.spotim.market
4 ib.adnxs-simple.com player.spotim.market
4 hb-api.omnitagjs.com player.spotim.market
4 a.audrte.com 3 redirects nypost.com
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
spl.zeotap.com
4 assets.a-mo.net prebid.a-mo.net
4 ad.turn.com 4 redirects
4 onetag-sys.com rumcdn.geoedge.be
player.spotim.market
4 cdn.ex.co player.ex.co
cdn.ex.co
4 player.aniview.com static-cdn.spot.im
player.aniview.com
4 securepubads.g.doubleclick.net info.illicitedge.com
rumcdn.geoedge.be
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com nypost.com
www.gstatic.com
www.google.com
4 rebelhen.com nypost.com
rebelhen.com
4 use.typekit.net nypost.com
use.typekit.net
3 token.rubiconproject.com eus.rubiconproject.com
3 bidder.criteo.com player.spotim.market
player.adtelligent.com
3 hbopenbid.pubmatic.com player.spotim.market
3 c1.adform.net 2 redirects ads.pubmatic.com
3 sync.crwdcntrl.net 2 redirects nypost.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
3 sync.targeting.unrulymedia.com 3 redirects
3 pixel-sync.sitescout.com nypost.com
player.spotim.market
3 aax.amazon-adsystem.com c.amazon-adsystem.com
3 config.aps.amazon-adsystem.com rumcdn.geoedge.be
c.amazon-adsystem.com
3 collector.ex.co player.ex.co
3 ad.doubleclick.net nypost.com
c.aaxads.com
3 zephr-v4.nypost.com nypost.com
2 pagead2.googlesyndication.com imasdk.googleapis.com
2 imasdk.googleapis.com cdn.ex.co
imasdk.googleapis.com
2 pixel.rubiconproject.com spl.zeotap.com
adxbid.info
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 dpm.demdex.net 2 redirects
2 eb2.3lift.com player.spotim.market
adxbid.info
2 js-sec.indexww.com player.spotim.market
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects nypost.com
2 pixel-eu.onaudience.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 e.channelexco.com cdn.ex.co
2 large-img.ex.co nypost.com
cdn.ex.co
2 www9.smartadserver.com cdn.ex.co
2 tlx.3lift.com player.spotim.market
cdn.ex.co
2 ghb1.adtelligent.com player.spotim.market
2 prebid-eu.creativecdn.com player.spotim.market
2 prebid.media.net player.spotim.market
2 exchange.postrelease.com player.spotim.market
2 pr-bh.ybp.yahoo.com 1 redirects nypost.com
2 ups.analytics.yahoo.com 1 redirects nypost.com
2 um.simpli.fi 1 redirects nypost.com
2 dmp.adform.net 1 redirects spl.zeotap.com
2 idsync.frontend.weborama.fr 1 redirects nypost.com
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.bumlam.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 cms.quantserve.com 2 redirects
2 1f2e7.v.fwmrm.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
2 id.hadron.ad.gt cdn.hadronid.net
2 u.openx.net 2 redirects
2 cdn.id5-sync.com rumcdn.geoedge.be
2 cdn.hadronid.net info.illicitedge.com
2 tags.crwdcntrl.net rumcdn.geoedge.be
2 c.aaxads.com 2 redirects
2 rtb.openx.net nypost.com
player.spotim.market
2 go1.aniview.com player.aniview.com
2 p.medocdn.com rumcdn.geoedge.be
p.medocdn.com
2 p.flourstech.com rumcdn.geoedge.be
p.flourstech.com
2 pix.spot.im static-cdn.spot.im
2 fonts.gstatic.com www.google.com
2 mcd-playlist.ex.co player.ex.co
nypost.com
2 publisher-assets.spot.im launcher.spot.im
nypost.com
2 www.googletagmanager.com nypost.com
www.googletagmanager.com
2 cdn.flipboard.com nypost.com
2 player.ex.co nypost.com
player.ex.co
2 geolocation.onetrust.com cdn.cookielaw.org
2 info.illicitedge.com 1 redirects
1 cm.adform.net 1 redirects
1 vpaid.vidoomy.com vid.vidoomy.com
1 ssum.casalemedia.com 1 redirects
1 vid.vidoomy.com adxbid.info
1 s0.2mdn.net imasdk.googleapis.com
1 prebid-server.rubiconproject.com cdn.ex.co
1 api.rlcdn.com cdn.ex.co
1 as.ck-ie.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net 1 redirects
1 trc.taboola.com spl.zeotap.com
1 cdn.deepintent.com player.spotim.market
1 adxbid.info player.adtelligent.com
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 creatives.sascdn.com nypost.com
1 adx.adform.net player.adtelligent.com
1 rtb.adxpremium.services player.adtelligent.com
1 s-13.channelexco.com nypost.com
1 a.ad.gt rumcdn.geoedge.be
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com nypost.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ad.mrtnsvr.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 csync.loopme.me ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 ssbsync.smartadserver.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 gpv.ex.co cdn.ex.co
1 vop.sundaysky.com nypost.com
1 secure-assets.rubiconproject.com 1 redirects
1 assets-jpcust.jwpsrv.com nypost.com
1 cdn.jwplayer.com 1 redirects
1 sac.nypost.com nid.nypost.com
1 www.google.de nypost.com
1 open-api.spot.im nypost.com
1 nid.nypost.com www.googletagmanager.com
1 pixel.wp.com nypost.com
1 static.adsafeprotected.com nypost.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 warp.media.net pbcs.nypost.com
1 direct-events-collector.spot.im launcher.spot.im
1 www.googleadservices.com nypost.com
1 stats.wp.com nypost.com
1 launcher.spot.im nypost.com
1 nypost-com.videoplayerhub.com 1 redirects
1 pbcs.nypost.com nypost.com
1 p.typekit.net use.typekit.net
0 csi.gstatic.com Failed imasdk.googleapis.com
0 sync.richaudience.com Failed spl.zeotap.com
0 sync.tidaltv.com Failed spl.zeotap.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
662 202
Subject Issuer Validity Valid
info.illicitedge.com
GTS CA 1P5
2023-08-02 -
2023-10-31
3 months crt.sh
nypost.com
R3
2023-09-22 -
2023-12-21
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-12-13 -
2023-12-13
a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-21 -
2024-10-21
a year crt.sh
zephr-v4.pagesix.com
Amazon RSA 2048 M01
2023-06-24 -
2024-07-22
a year crt.sh
pbcs.nypost.com
Amazon RSA 2048 M01
2023-03-14 -
2024-04-11
a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2
2023-06-08 -
2024-07-09
a year crt.sh
*.flipboard.com
Amazon RSA 2048 M01
2023-05-15 -
2024-06-12
a year crt.sh
*.spot.im
Amazon RSA 2048 M02
2023-09-03 -
2024-09-30
a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-14 -
2023-12-15
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
rebelhen.com
R3
2023-08-07 -
2023-11-05
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
www.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
api.btloader.com
GTS CA 1D4
2023-08-11 -
2023-11-09
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-02-19 -
2024-02-19
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
nid.nypost.com
GTS CA 1D4
2023-08-11 -
2023-11-09
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
www.google.de
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
v2.pixel.nypp.data.newscorp.com
GTS CA 1D4
2023-08-21 -
2023-11-19
3 months crt.sh
*.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01
2023-08-12 -
2024-09-09
a year crt.sh
player.spotim.market
R3
2023-08-18 -
2023-11-16
3 months crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1
2023-09-11 -
2024-09-11
a year crt.sh
cdn.ex.co
R3
2023-08-16 -
2023-11-14
3 months crt.sh
player.adtelligent.com
R3
2023-09-16 -
2023-12-15
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
ghb.spotim.market
ZeroSSL ECC Domain Secure Site CA
2023-08-19 -
2023-11-17
3 months crt.sh
p.flourstech.com
R3
2023-08-12 -
2023-11-10
3 months crt.sh
p.medocdn.com
R3
2023-08-15 -
2023-11-13
3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-02-20 -
2024-03-20
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2023-05-06 -
2024-05-04
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.a-mo.net
R3
2023-08-07 -
2023-11-05
3 months crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA
2023-09-21 -
2023-12-20
3 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-01-09 -
2024-02-02
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2023-09-21 -
2023-12-20
3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2022-12-02 -
2023-12-02
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2022-11-07 -
2023-12-06
a year crt.sh
hadronid.net
GTS CA 1P5
2023-08-07 -
2023-11-05
3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2023-07-31 -
2023-10-29
3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2023-04-16 -
2024-04-16
a year crt.sh
*.sundaysky.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-06-11 -
2024-07-11
a year crt.sh
*.channelexco.com
R3
2023-07-23 -
2023-10-21
3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-06-09 -
2024-07-10
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-06-21 -
2024-03-02
8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-11 -
2024-09-11
a year crt.sh
loopme.com
R3
2023-08-23 -
2023-11-21
3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-03 -
2024-03-31
a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-04 -
2023-11-06
10 months crt.sh
ad.mrtnsvr.com
GTS CA 1D4
2023-09-06 -
2023-12-05
3 months crt.sh
*.iprom.net
R3
2023-08-16 -
2023-11-14
3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-03 -
2024-01-24
6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-29 -
2024-02-21
6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-08-15 -
2024-09-15
a year crt.sh
*.postrelease.com
Amazon RSA 2048 M01
2023-02-09 -
2024-02-16
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2023-06-23 -
2024-07-22
a year crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018
2023-02-27 -
2024-03-29
a year crt.sh
prebid.media.net
GTS CA 1D4
2023-08-31 -
2023-11-29
3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1
2023-03-29 -
2024-04-28
a year crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2023-08-03 -
2023-11-01
3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA
2023-05-10 -
2024-05-10
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-08-05
a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1
2023-07-14 -
2024-07-17
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-05 -
2023-10-31
3 months crt.sh
truffle.bid
R3
2023-08-10 -
2023-11-08
3 months crt.sh
*.id5-sync.com
R3
2023-09-01 -
2023-11-30
3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3
2023-09-05 -
2024-09-03
a year crt.sh
adxbid.info
E1
2023-08-09 -
2023-11-07
3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-11-30 -
2024-01-01
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-29 -
2024-06-11
a year crt.sh
dmp.theadex.com
R3
2023-08-22 -
2023-11-20
3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-27 -
2024-03-29
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-14 -
2024-04-12
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-08
a year crt.sh
*.eu-1-id5-sync.com
R3
2023-09-01 -
2023-11-30
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA
2023-09-06 -
2024-10-06
a year crt.sh

This page contains 87 frames:

Primary Page: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Frame ID: 95F845F3C99DACA5D5463BE9EBEFC4CB
Requests: 258 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=a4ka4p94ofyk
Frame ID: E93A717A0CA280C1F8C8A3B9A4956EA9
Requests: 7 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: 2057FDB6E001F4D15362DD81EA788BF7
Requests: 75 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: E5B65E0C6185FAA3F78B54AB621539A5
Requests: 78 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: F5AE1160643996B53593476ED87825B5
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 60F98F74B3B11E0723CB7655483A7B51
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C1328577775&gdpr=0&gdpr_consent=
Frame ID: 3CC45CAD6F444133E046DFE17D3B4C83
Requests: 7 HTTP requests in this frame

Frame: https://p.flourstech.com/prebidlink/19629/j.html?i=12915
Frame ID: FA0EFA0943CBE2D84BA86AF383646018
Requests: 15 HTTP requests in this frame

Frame: https://p.medocdn.com/prebidlink/19629/j.html?i=11596
Frame ID: 0F6D88E4A6F55600140DE3852C482F37
Requests: 19 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Frame ID: 3E758D1094CEC7B23AB40BA96076558B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: F2039704B51B3B2C9C59C5DB653D28C5
Requests: 19 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Frame ID: 060DB2373B8A552260043D85353429DA
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: 708447832F450F94025E33B4678A5D50
Requests: 3 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: C4C309E62B5E60C3D7A3D128F729C838
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Frame ID: 53DA7B51FD2DBDF348F8F25687F7DF48
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 7772B8A5DC533023BCD71CD26E2CEC77
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Frame ID: 65EFE4B46D6E129BF9DA7C6EEDB79953
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: A9179330207864FBF63208BB338CD88C
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: 15DB97F9164DE9942287B405C3E7DCDC
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Frame ID: 8267C7AB812E8F722E28B7CD93E7E45A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Frame ID: F83EE8DEC3707AF0CAF3DA922933CB85
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Frame ID: 17D62D2E06FF5934D848F6CB9E508D1E
Requests: 3 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Frame ID: A7E30F6E0E9A5DE6D9600166ECDAA0D1
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E9A326CEA4ACAA125EA8ED907B50C72C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 69D07B8989E96B1CF52454050A020412
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9BZ7X6QUfwrvR3kIoBJnDfIQfFjvEyxb8UVCzh90
Frame ID: 666D7B63D2051CE115AD60F982529739
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7860270711371651961&gdpr=0&gdpr_consent=
Frame ID: 755C036B88B0FF2B414E1F068A96D607
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284281421854144659&gdpr=0&gdpr_consent=
Frame ID: BA9A16076E8AF1A8DF73BADF5FFE0AA8
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=476&user_id=f320759a-5ee2-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=fd4f3157-5bce-4a81-a780-10757656c34e
Frame ID: CEBB40AD390E9145E455D6D6C33CBCCB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=41f_7JLlUex_MN7O9nw-dbnVm5c&gdpr=0&gdpr_consent=
Frame ID: DB74EAC77F1030F3A1F7EA58D36ACB4A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRb3XAAQzh9rdABV
Frame ID: 8E66A31667E1D0099ABF183F4B55F7E1
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: C61AE6A3EA9709C02397D934B752C1D8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGw_U7KLe8AABgaSRCwMg&gdpr=0&gdpr_consent=
Frame ID: 27FA2D4324122D1A247FB0BC475A65D0
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 5757786637F5F14B786F0663F1BD73C4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3b21b93bc5af4a11b196253722b18f5a
Frame ID: EE325A4E0EC2E2A4482EA91779B6176C
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: DB470137EE9885F93B20193E1B1B6A72
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455421362072988
Frame ID: 75E8279495B2E0BA9621459131E03B42
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1200975841872454649
Frame ID: 02EDBEF8F78113CD1E3D9978BACF78BA
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: DD1EC4E5C0CF7AC58FD7A2D76F26B5DD
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: A62CD0388FCB7B7FF2A508F79821C13B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 0FA972E111A2D7B938BEAEEDF6E8DDCD
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 3FEC6066766174BD953443CC6D0F5425
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Frame ID: 134C65C50A514D321723F99D11FCA575
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Frame ID: 1B1524FD58D744AF738E5A3B55BC7AB0
Requests: 1 HTTP requests in this frame

Frame: https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=8d41efbda86fcf4263ca29ff1d2dff
Frame ID: C76EB8DF87737CBD2FA71F737C0F7461
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 5B59C3F32DCA35579ADB7AB0BDC0167F
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ex.co/prebid/production/release/1.6.1/latest/expb.js
Frame ID: 74A3EAC4AD4AA0C4BFBAC43DA3CBCA12
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&gdpr=0&gdpr_consent=
Frame ID: EA04924670401D08BA92A7B11CCECD9B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaggjgbggbannTVQU&gdpr=0&gdpr_consent=
Frame ID: 0FE149C9C9291C9BFE2E6D7BA99BF150
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 6AEF7FCA91CFDEBB84D88F4AD0164336
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B7D66492643D4D7DA9C652C79BA77048&gdpr=0&gdpr_consent=
Frame ID: AD7748027E0F9DD2C12A3E323F084407
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6847846759
Frame ID: 573ADB47CEFFB0482EFC451149CD2CCF
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Frame ID: 97E7FDE901F3484CD53490E62D354CE8
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Frame ID: 76BBCED5B67EEBE0BE3077CF44FA5C10
Requests: 1 HTTP requests in this frame

Frame: https://sync.ex.co/v1/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Frame ID: 07E6C46D0EC2DDC18C62B9F21E45BD1C
Requests: 1 HTTP requests in this frame

Frame: https://sync.ex.co/v1/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Frame ID: C8051E5EFA46A273FE1C7F4C86D5591B
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 1F55DAEB5457915602A8DDACC0C9E3B5
Requests: 32 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: AB4AE81DF1E973201C00D9935E903DB9
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Frame ID: 575237380D2A039F59108E496E4CBE39
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&informer=13399841
Frame ID: DF00A9F76D576F4B43E0C7DE693B8CED
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: F7344F7A31E153243CFF2BD48A5915BC
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA
Frame ID: D6BB5D1109AE91C59D40E751D0A27B00
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Frame ID: 49933778F5F74EE25A0BD43A1A707DF9
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9AD6A490D5136410303C0872C255B06E
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Frame ID: A86B8C16A56386D59C9AA7A8F785ECCB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Frame ID: 2E3112A685C2934E7878534C0A0A3372
Requests: 3 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: D43550E99ECB724A2C519EFEFF8709F7
Requests: 7 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: C7EDF3A7394403BBD05A1294F5C7F99C
Requests: 4 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 56AFD73142DF2E28CCF847BBDEEE2E85
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: 58BEC610A3A0E4C290F12E2BA462DFF9
Requests: 3 HTTP requests in this frame

Frame: https://cdn.deepintent.com/syncpixel.html
Frame ID: A65CA0EB35DC7DB1F52BA8C017484D76
Requests: 9 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 58B0EC73CD836659243D69DBF141F556
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA
Frame ID: FEC505FEEFD5B987E68155BD46124B56
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=true&cmp_cs=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&
Frame ID: C7753EDE20205A545EFE8B26D9A6495F
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Frame ID: ED907B5277054249F4BFFB0B41BC0A26
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Frame ID: EEB003EA019043F64AF96AC19C8B666D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Frame ID: B276AF62B0507393DDCC08D43DE20DD8
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&informer=13399841
Frame ID: F3299DEA0FB3AFFF0D707630FCAC42AB
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1A075A51D7838AC8EF192792BB13938D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6DC1CCEADFC66FEFB94AABA46ACCE753
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Frame ID: 0A2AAEA23AABC59D7F4557C3083EEC18
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F367EC24249FDBA046A25CB4B7FB4136
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Frame ID: A67E99EDDD1AB66EFCDC1654E4921793
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Frame ID: C6727296A818F3C52B5ACF7E101F71A5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: A8C5EFFE2556D7A4E22143F05BB47FE9
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Frame ID: 7B270ED273CE0FB8C5B1B3E7F358C7C8
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Frame ID: 99B5139A15BDD09FD1E7E5EF1E7A9545
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Russian oligarch rented out landmark NYC mansion days before getting hit by US sanctions: sources Back ButtonFilter Button

Page URL History Show full URLs

  1. https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5... Page URL
  2. https://info.illicitedge.com/events/public/v1/encoded/track/tc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW... HTTP 307
    https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-gett... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

662
Requests

92 %
HTTPS

28 %
IPv6

120
Domains

202
Subdomains

146
IPs

13
Countries

7630 kB
Transfer

26687 kB
Size

126
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60Yx3k2fpQlnW2nJ6c27j9HB1VSb-0m7WyRWRN4tJ1zWQc20XW8G2h7Z7gLqtxMP3ztpdCFwSW1Pg6Jt3WTbzFVchWRF7D7gTpVrQgxc8r9cJNW4RktRF12RgfHW4L9JkQ8kdnpvV8RCxC43zJy0N7YxH9bxZ73LV8TJMH3yJK13N1gJRcVHr4ZrW3m5g1G4xKJSHW5_HW6V7m6CnGVn62sM2cjLq2W7mjtQb2twjPTW1JwKYB3HNdD4W32KjyW6wfw9kW6BTjq52zmKnrW8062Tx7H0mK5W3tzgWH11j5rNW3Dvdnf7D6crtW4VYqky4P94_GVxdzbS4pTqd2W3WhC_83Nz5CLW80CsTZ7qN92XW7HHFxm8fT9XYf9l_1KC04 Page URL
  2. https://info.illicitedge.com/events/public/v1/encoded/track/tc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60Yx3k2fpQlnW2nJ6c27j9HB1VSb-0m7WyRWRN4tJ1zWQc20XW8G2h7Z7gLqtxMP3ztpdCFwSW1Pg6Jt3WTbzFVchWRF7D7gTpVrQgxc8r9cJNW4RktRF12RgfHW4L9JkQ8kdnpvV8RCxC43zJy0N7YxH9bxZ73LV8TJMH3yJK13N1gJRcVHr4ZrW3m5g1G4xKJSHW5_HW6V7m6CnGVn62sM2cjLq2W7mjtQb2twjPTW1JwKYB3HNdD4W32KjyW6wfw9kW6BTjq52zmKnrW8062Tx7H0mK5W3tzgWH11j5rNW3Dvdnf7D6crtW4VYqky4P94_GVxdzbS4pTqd2W3WhC_83Nz5CLW80CsTZ7qN92XW7HHFxm8fT9XYf9l_1KC04?_ud=7db85443-b42d-4b23-a3e2-635755ceae90&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49
  • https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0 HTTP 301
  • https://btloader.com/tag?h=nypost-com&upapi=true
Request Chain 231
  • https://cdn.jwplayer.com/v2/media/4iAMHQk9/poster.jpg?width=1920 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/IXBvYOvB-1920.jpg
Request Chain 284
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D323548%2526extuid%253D%2524UID%2526%255BGDPR_APPLIES%255D%2526gdpr_consent%253D%255BGDPR_CONSENT_STRING%255D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 286
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr={gdpr}&gdpr_consent={gdpr_consent} HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1696003932089 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5392436586 HTTP 302
  • https://sync.1rx.io/usersync/turn/3746808186033006133?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-12b490af-480f-4f24-bca2-d4d621dc4945-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3DRX-12b490af-480f-4f24-bca2-d4d621dc4945-003 HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-12b490af-480f-4f24-bca2-d4d621dc4945-003
Request Chain 288
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
Request Chain 289
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZRb3XP6crRPKPLFr5.UKNQAA%265282
Request Chain 294
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=nypost.com&ver=1.2&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
Request Chain 301
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr={gdpr}&gdpr_consent={gdpr_consent} HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2178748830 HTTP 302
  • https://sync.1rx.io/usersync/turn/3674750591995078197?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-12b490af-480f-4f24-bca2-d4d621dc4945-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3DRX-12b490af-480f-4f24-bca2-d4d621dc4945-003 HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-12b490af-480f-4f24-bca2-d4d621dc4945-003
Request Chain 305
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D323548%2526extuid%253D%2524UID%2526%255BGDPR_APPLIES%255D%2526gdpr_consent%253D%255BGDPR_CONSENT_STRING%255D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 306
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZRb3XBdfXs4eDHEr5l6q9wAA%265289
Request Chain 316
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=nypost.com&ver=1.2&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
Request Chain 335
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Request Chain 337
  • https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=b2e26b17-dbb3-40dd-a2b8-a423b4e38382
Request Chain 339
  • https://sync.1rx.io/usersync2/rmpssp?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4127799284 HTTP 302
  • https://sync.1rx.io/usersync/turn/3530635403919222325?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-12b490af-480f-4f24-bca2-d4d621dc4945-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3DRX-12b490af-480f-4f24-bca2-d4d621dc4945-003 HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-12b490af-480f-4f24-bca2-d4d621dc4945-003
Request Chain 340
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=7860270711371651961
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRb3XP6crRPKPLFr5-UKNQAAFKIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDzlKQFYqsUdwZ6v2zkZEYM&google_cver=1
Request Chain 363
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRb3XP6crRPKPLFr5-UKNQAAFKIAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRb3XP6crRPKPLFr5-UKNQAAFKIAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 364
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZRb3XP6crRPKPLFr5.UKNQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAHZfJWCiRD3Vh0s8LRNRVg&google_cver=1&google_hm=2
Request Chain 365
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1711728732&external_user_id=3e67b57d-b538-42e7-aa54-5b6961447a04
Request Chain 366
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZRb3XP6crRPKPLFr5-UKNQAAFKIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=8d41efbda86fcf4263ca29ff1d2dff&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZRb3XP6crRPKPLFr5-UKNQAAFKIAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1b41_7284281978830239979&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OGQ0MWVmYmRhODZmY2Y0MjYzY2EyOWZmMWQyZGZm&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBIeW6FGADxPE1ioAP_y-yI&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 372
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 373
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9BZ7X6QUfwrvR3kIoBJnDfIQfFjvEyxb8UVCzh90
Request Chain 374
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7860270711371651961&gdpr=0&gdpr_consent=
Request Chain 375
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284281421854144659&gdpr=0&gdpr_consent=
Request Chain 376
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=fd4f3157-5bce-4a81-a780-10757656c34e&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjc7tuoBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEPMgdZpe4hHusdoAJZDIJDeqAQhwdWJtYXRpY7IBJGZkNGYzMTU3LTViY2UtNGE4MS1hNzgwLTEwNzU3NjU2YzM0ZQ** HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=f320759a-5ee2-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=fd4f3157-5bce-4a81-a780-10757656c34e
Request Chain 377
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=41f_7JLlUex_MN7O9nw-dbnVm5c&gdpr=0&gdpr_consent=
Request Chain 378
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRb3XAAQzh9rdABV
Request Chain 380
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHd19VN0tMZThBQUJnYVNSQ3dNZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAGw_U7KLe8AABgaSRCwMg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6971442829193981175&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAGw_U7KLe8AABgaSRCwMg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6971442829193981175%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6971442829193981175&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGw_U7KLe8AABgaSRCwMg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGw_U7KLe8AABgaSRCwMg&gdpr=0&gdpr_consent=
Request Chain 382
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3b21b93bc5af4a11b196253722b18f5a
Request Chain 384
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455421362072988
Request Chain 385
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1200975841872454649
Request Chain 388
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 391
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wQk21vxjSh2elD30Xy9vDg%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 393
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=883531833 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Request Chain 394
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZDRnbEVDbVJjbU5TRUdOWVNNNng0TFlsUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6257942833171685156&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzEwOTM2RDYtRkM2My00QTFELTlFOTQtM0RGNDVGMkY2RjBF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELjlapJz6rrxx4ScRCirdOg&google_cver=1
Request Chain 398
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6257942833171685156
Request Chain 404
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3530635403919222325&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 405
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ab145284-6c76-46b2-aed2-d49edbefa6f8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 407
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=8d41efbda86fcf4263ca29ff1d2dff&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZRb3XP6crRPKPLFr5-UKNQAAFKIAAAIB HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1b41_7284281978830276197&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OGQ0MWVmYmRhODZmY2Y0MjYzY2EyOWZmMWQyZGZm&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBIeW6FGADxPE1ioAP_y-yI&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AAGw_U7KLe8AABgaSRCwMg&dataProviderId=817&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/8d41efbda86fcf4263ca29ff1d2dff?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-0wj3QphE2oMXTqMXH2tbWhRI5AVpjjKqwFlSuQvp~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Request Chain 483
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/nypost.com/ROS?rnd=0.8658923315830938&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fnypost.com&pbv=7.37.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fnypost.com&ccpa=1---&e_pubcid=50f944ea-d50e-44d6-860a-4d3e21292b0e HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/nypost.com/ROS?ct=1&r=pbjs&rnd=0.8658923315830938&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fnypost.com&pbv=7.37.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fnypost.com&ccpa=1---&e_pubcid=50f944ea-d50e-44d6-860a-4d3e21292b0e
Request Chain 484
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/nypost.com/ROS?rnd=0.7296534256121572&e=300x250_0%3A300x250%2C320x250%2C336x280&ur=https%3A%2F%2Fnypost.com&pbv=7.37.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fnypost.com&ccpa=1---&e_pubcid=8eba09cb-d971-4142-b534-751f5aec3f43 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/nypost.com/ROS?ct=1&r=pbjs&rnd=0.7296534256121572&e=300x250_0%3A300x250%2C320x250%2C336x280&ur=https%3A%2F%2Fnypost.com&pbv=7.37.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fnypost.com&ccpa=1---&e_pubcid=8eba09cb-d971-4142-b534-751f5aec3f43
Request Chain 515
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0aaca1aa10ee75d6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JaggjgbggbannTVQU%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D39puKE4JaggjgbggbannTVQU%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaggjgbggbannTVQU&gdpr=0&gdpr_consent=
Request Chain 517
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B7D66492643D4D7DA9C652C79BA77048&gdpr=0&gdpr_consent=
Request Chain 518
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6847846759
Request Chain 521
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 522
  • https://pixel.onaudience.com/?partner=214&mapped=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=03a241d66b1bdffb/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=03a241d66b1bdffb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=7cecba7d-cdaa-472e-6d2e-893fa342ee09&zcluid=03a241d66b1bdffb&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGPt1RZPcArLb9P-D4QkK9U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=7cecba7d-cdaa-472e-6d2e-893fa342ee09&zcluid=03a241d66b1bdffb&zdid=1332
Request Chain 523
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7860270711371651961
Request Chain 547
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 568
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 579
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D32b7898d-121f-4c79-4f7e-bfda3da020ea%26reqId%3D001254a7-368e-40ac-53bf-877839c237c8%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D32b7898d-121f-4c79-4f7e-bfda3da020ea%26reqId%3D001254a7-368e-40ac-53bf-877839c237c8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=9cddcaa5-9efa-49cc-a7f4-9e8c65acfe47&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Request Chain 583
  • https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1368&env=mWeb&cid=umv1b41_7284281978830276197&gdpr=${GDPR_ENFORCED}&gdpr_consent=${GDPR_CONSENT}
Request Chain 586
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=32b7898d-121f-4c79-4f7e-bfda3da020ea&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D32b7898d-121f-4c79-4f7e-bfda3da020ea%26reqId%3D001254a7-368e-40ac-53bf-877839c237c8%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=32b7898d-121f-4c79-4f7e-bfda3da020ea&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D32b7898d-121f-4c79-4f7e-bfda3da020ea%26reqId%3D001254a7-368e-40ac-53bf-877839c237c8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=25286724204748010433476786795033725090&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Request Chain 588
  • https://bn01.er.bemail.it/zeotap.php?_bid=32b7898d-121f-4c79-4f7e-bfda3da020ea&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023092918-25390-0.873094001696003936-c3ccad6c62ad2816be53f07f411006d7&zdid=533&env=mWeb
Request Chain 589
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D32b7898d-121f-4c79-4f7e-bfda3da020ea%26reqId%3D001254a7-368e-40ac-53bf-877839c237c8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7284281421854144659&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Request Chain 590
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=32b7898d-121f-4c79-4f7e-bfda3da020ea HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=32b7898d-121f-4c79-4f7e-bfda3da020ea
Request Chain 591
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=32b7898d-121f-4c79-4f7e-bfda3da020ea&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D32b7898d-121f-4c79-4f7e-bfda3da020ea%26reqId%3D001254a7-368e-40ac-53bf-877839c237c8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=WEzhwIP9WoV5fc3oGHdPl.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Request Chain 593
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=32b7898d-121f-4c79-4f7e-bfda3da020ea?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Request Chain 594
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-HVHSM2JE2ooFVSxqkSRyi3D2uRL_leEA.A--~A&zpartnerid=570&env=mWeb
Request Chain 595
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vNC4LqiYtfNTObPBR%2Bib8zncsR%2FlVPH5%2BS41iYitP1U%3D
Request Chain 599
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D32b7898d-121f-4c79-4f7e-bfda3da020ea%26reqId%3D001254a7-368e-40ac-53bf-877839c237c8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZRb3XAAQzh9rdABV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Request Chain 600
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Request Chain 601
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=32b7898d-121f-4c79-4f7e-bfda3da020ea&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=32b7898d-121f-4c79-4f7e-bfda3da020ea&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361&dcc=t
Request Chain 603
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D32b7898d-121f-4c79-4f7e-bfda3da020ea%26reqId%3D001254a7-368e-40ac-53bf-877839c237c8%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Request Chain 607
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=32b7898d-121f-4c79-4f7e-bfda3da020ea&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=WOUtJgjnKXNDtC9xDOExdF7jKiFD4HoiXbYFfB5S&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=32b7898d-121f-4c79-4f7e-bfda3da020ea&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Request Chain 612
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D32b7898d-121f-4c79-4f7e-bfda3da020ea%26reqId%3Deacd8d35-50d2-4b8e-5249-48e8fddcd750%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=eacd8d35-50d2-4b8e-5249-48e8fddcd750&zdid=1361
Request Chain 639
  • https://as.ck-ie.com/prebid.gif?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=fbd1e80bdb968d3b84c47b7777f7d4610e26f7a358d5abad4685fd9aac2a3b13
Request Chain 662
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&us_privacy=1---&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZRb3XP6crRPKPLFr5.UKNQAA%265282
Request Chain 671
  • https://cm.adform.net/cookie?limit=50&us_privacy=1---&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6257942833171685156

662 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60Yx3k2fpQlnW2nJ6c27j9HB1VSb-0m7WyRWRN4tJ1zWQc20XW8G2h7Z7gLqtxMP3ztpdCFwSW1Pg6Jt3...
info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/
8 KB
4 KB
Document
General
Full URL
https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60Yx3k2fpQlnW2nJ6c27j9HB1VSb-0m7WyRWRN4tJ1zWQc20XW8G2h7Z7gLqtxMP3ztpdCFwSW1Pg6Jt3WTbzFVchWRF7D7gTpVrQgxc8r9cJNW4RktRF12RgfHW4L9JkQ8kdnpvV8RCxC43zJy0N7YxH9bxZ73LV8TJMH3yJK13N1gJRcVHr4ZrW3m5g1G4xKJSHW5_HW6V7m6CnGVn62sM2cjLq2W7mjtQb2twjPTW1JwKYB3HNdD4W32KjyW6wfw9kW6BTjq52zmKnrW8062Tx7H0mK5W3tzgWH11j5rNW3Dvdnf7D6crtW4VYqky4P94_GVxdzbS4pTqd2W3WhC_83Nz5CLW80CsTZ7qN92XW7HHFxm8fT9XYf9l_1KC04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e4 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400
cf-cache-status
MISS
cf-ray
80e5817c6a5218e0-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=utf-8
date
Fri, 29 Sep 2023 16:12:06 GMT
last-modified
Fri, 29 Sep 2023 16:12:06 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlGxZvhW9vuv84hflOgC35CzLprqLqFI6eytyAsG2XlusIak8va8vsGLf2xool6jsuoN9EBzqNH3iK%2FqRUXtrKrGAoZm9%2FtLCniUHN%2BqjIY7PQTPUzQ1c5Duth9s1PaBNrY0nK5P2j7CtHCh1g%2FJJkyG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
14
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-7d997f8c5-8h7ks
x-evy-trace-virtual-host
all
x-hs-https-only
worker
x-hubspot-correlation-id
3b128b06-1ffe-41ad-bf24-4d39e129bbfe
x-request-id
3b128b06-1ffe-41ad-bf24-4d39e129bbfe
x-robots-tag
none
Primary Request /
nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/
Redirect Chain
  • https://info.illicitedge.com/events/public/v1/encoded/track/tc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60...
  • https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&...
418 KB
77 KB
Document
General
Full URL
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Requested by
Host: info.illicitedge.com
URL: https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60Yx3k2fpQlnW2nJ6c27j9HB1VSb-0m7WyRWRN4tJ1zWQc20XW8G2h7Z7gLqtxMP3ztpdCFwSW1Pg6Jt3WTbzFVchWRF7D7gTpVrQgxc8r9cJNW4RktRF12RgfHW4L9JkQ8kdnpvV8RCxC43zJy0N7YxH9bxZ73LV8TJMH3yJK13N1gJRcVHr4ZrW3m5g1G4xKJSHW5_HW6V7m6CnGVn62sM2cjLq2W7mjtQb2twjPTW1JwKYB3HNdD4W32KjyW6wfw9kW6BTjq52zmKnrW8062Tx7H0mK5W3tzgWH11j5rNW3Dvdnf7D6crtW4VYqky4P94_GVxdzbS4pTqd2W3WhC_83Nz5CLW80CsTZ7qN92XW7HHFxm8fT9XYf9l_1KC04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
eb203a611731d8010627ec1a4e29e3dc8c7cae3973c99d09d5b797898f26eda1
Security Headers
Name Value
Content-Security-Policy frame-ancestors nypost.com decider.com pagesix.com *.nypost.com *.decider.com *.pagesix.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60Yx3k2fpQlnW2nJ6c27j9HB1VSb-0m7WyRWRN4tJ1zWQc20XW8G2h7Z7gLqtxMP3ztpdCFwSW1Pg6Jt3WTbzFVchWRF7D7gTpVrQgxc8r9cJNW4RktRF12RgfHW4L9JkQ8kdnpvV8RCxC43zJy0N7YxH9bxZ73LV8TJMH3yJK13N1gJRcVHr4ZrW3m5g1G4xKJSHW5_HW6V7m6CnGVn62sM2cjLq2W7mjtQb2twjPTW1JwKYB3HNdD4W32KjyW6wfw9kW6BTjq52zmKnrW8062Tx7H0mK5W3tzgWH11j5rNW3Dvdnf7D6crtW4VYqky4P94_GVxdzbS4pTqd2W3WhC_83Nz5CLW80CsTZ7qN92XW7HHFxm8fT9XYf9l_1KC04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
private, no-store
content-encoding
gzip
content-security-policy
frame-ancestors nypost.com decider.com pagesix.com *.nypost.com *.decider.com *.pagesix.com
content-type
text/html; charset=UTF-8
date
Fri, 29 Sep 2023 16:12:07 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://nypost.com/wp-json/>; rel="https://api.w.org/" <https://nypost.com/wp-json/wp/v2/article/28903831>; rel="alternate"; type="application/json" <https://wp.me/pb3Qpq-1XhcP>; rel=shortlink
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000
x-cache
miss
x-content-type-options
nosniff
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
hhn1 96 184 443
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400
cf-cache-status
MISS
cf-ray
80e5817ddc5b18e0-FRA
content-security-policy
upgrade-insecure-requests
date
Fri, 29 Sep 2023 16:12:06 GMT
link
<https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email>; rel="canonical"
location
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yKAplSkvH1L5SK4CzuAOhqY5L3pX0NDGjdWGVD2bBpK4%2FnlN8tF5HhqmE0sNBvrAu9euTA4fQqBjb6UQXHMYRx3rgCzVPpMAYSy%2B9uLlkYSsOjZpi%2FjdhEgmjwDgwhnKph7z9tjFJvlap26Bu1J5IFo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
30
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-7d997f8c5-cf7sg
x-evy-trace-virtual-host
all
x-hs-https-only
worker
x-hubspot-correlation-id
9ec3b1ba-85c2-460b-8dec-0ad9e354f88c
x-request-id
9ec3b1ba-85c2-460b-8dec-0ad9e354f88c
x-robots-tag
none
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 16:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
h6ThlO7ea17v6JNPXbI1zQ==
age
40457
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6822
x-ms-lease-status
unlocked
last-modified
Thu, 28 Sep 2023 05:11:21 GMT
server
cloudflare
etag
0x8DBBFE15B00285A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0ed67756-301e-001b-0c44-f20780000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e58184bb815d4e-FRA
otCCPAiab.js
cdn.cookielaw.org/opt-out/
22 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 16:12:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
54988
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
40af8f39-a01e-0026-3083-f0719b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
80e58184bb865d4e-FRA
6c0f8417-b563-477c-8b00-33914cb4600e.json
cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/6c0f8417-b563-477c-8b00-33914cb4600e.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7e43dd04a274a58748ea704967748907767444d6a04c9abfe7fc84b1aabec9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 16:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1066
content-md5
QO4nX2ubfiE2GmZA8fzEcQ==
content-length
1762
x-ms-lease-status
unlocked
last-modified
Fri, 14 Jul 2023 15:37:25 GMT
server
cloudflare
etag
0x8DB8480390ACDFF
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
49a2cfd4-801e-0003-5b69-b6dbe1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e581851afe1daa-FRA
expires
Sat, 30 Sep 2023 16:12:07 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/
75 B
243 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
80e5818529a239ec-FRA
vary
Accept-Encoding
content-type
text/javascript
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
66 B
303 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
80e581857eeb35ec-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.39.0/
372 KB
89 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 16:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Zp/CcrZmK7hQ2S6c/t9Tpw==
age
3429
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
90454
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:04 GMT
server
cloudflare
etag
0x8DA87805EB35DE2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
526a626c-301e-007c-66e1-5a45d3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e58185acdf5d4e-FRA
global-assets.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
88 KB
20 KB
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/global-assets.min.css?ver=71dd5d7d3ded103ecf74
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cd19cc5fc19a2b0bcf831d5455f7ce926bb88535cd47410696935df2865c669f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515d142-160a6"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
header-footer.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
24 KB
6 KB
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/header-footer.min.css?ver=68942ac49cc4d0281af6
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
aa75fa22ae72c1b4edfbca3f4e9c8f3b57244c5674346e5301af41125b389b57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-6190"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-core.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
19 KB
2 KB
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-core.min.css?ver=5d8efb9cbff3dce0c73f
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
13999a8611659365a88f9dd85c252af76e7f72b032ccc0fed703910b796e4776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-4bca"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
zephr.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
659 B
334 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/zephr.min.css?ver=3449ace190db7537ddda
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f32d102a1a3f45bac46140601a6f5d47e1a3e9711cbdc9f942e751f3354f2a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-293"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-article-like.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
18 KB
5 KB
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-article-like.min.css?ver=760ad67c04ce3ae5f56e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7a0e8cb59a8b9b723a2e298c769bcea0631bd75c7442e21702deed1d6c2813c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515d142-4767"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-article-like-scripts.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
1 KB
537 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-article-like-scripts.min.css?ver=aaf6531c874770c22709
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9dd7f3509b0c04a53f7a60edd65fd4dafd9c5c8723ba3296de33dacb56e21ff2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-411"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-interior-with-sidebar.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
6 KB
910 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-interior-with-sidebar.min.css?ver=8292a2721a6f812743bc
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4e1dd78ad69fc4a0df1f0edb67f6c10bcbf16057588c2b6f7535930e967ef742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-16c2"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
membership-shared.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
209 KB
51 KB
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/membership-shared.min.css?ver=6b62e74d1e3975a217dc
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
60ef4cc14c7ddf4064f13e86655ef0186713e3eb6aeba049195017225d9733df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515d142-3420b"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
membership-nypost.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
55 B
108 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/membership-nypost.min.css?ver=9416c23049560a0f89bf
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b5f3bbe93348fab76879e3ab81573722f59275cac4ea155a61cc1c23d8e12491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 185 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-37"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
55
widgets-zone.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
150 B
203 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-zone.min.css?ver=599db50c91ffec1aaad0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
199e4835af79f304e97b71d6bd8c6e970c7d03c607f8b2cec52cc93ae73b5ab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-96"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
150
widgets-columnists.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
147 B
201 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-columnists.min.css?ver=23a33cab9303ca6a8fdf
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0e97d52a6226cb2c5eb448d4007f35ce6382a32089ed7d25452b16713665c93f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 185 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-93"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
147
widgets-trending-now.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
147 B
190 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-trending-now.min.css?ver=96757172c641c255fb9e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fa34a2e5ec9044ed1dc5bf38ec8144a0dcdf4abf25476015a0c4f3b36fa55d01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-93"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
147
widgets-now-on.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
313 B
369 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-now-on.min.css?ver=4ad4e48c5f61a81ba0da
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d49d25a875c1d1762e5ef7b96b771c64139c0aef85ce501c421e501242e1f98b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-139"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
313
widgets-custom-posts.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
68 B
122 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-custom-posts.min.css?ver=46d34fcb7e0fa5cd7fc5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
510bad5273617bc2a9e70742b2228b4164f3e48623822da557d1ef9102b81eb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-44"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
68
pyz4pvc.css
use.typekit.net/
2 KB
873 B
Stylesheet
General
Full URL
https://use.typekit.net/pyz4pvc.css?ver=1f80c88e15fbd872e9d2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6f8b2b91c0a7c18a0eafd67bcaa80fdb350695ecc4d866f71728c74a8f886598
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 29 Sep 2023 16:12:08 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
650
features
zephr-v4.nypost.com/zephr/
1020 B
1 KB
Other
General
Full URL
https://zephr-v4.nypost.com/zephr/features
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-19.fra56.r.cloudfront.net
Software
/
Resource Hash
87171d091d307d077266964e43251dbffd6d69c3fa0775e26481e08d31c949d6

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Origin
https://nypost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
br
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
public, max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Chhgya0f041hPgk6MUgh8IZan6yxlB-GiMNw7VP4fj7SWp5tW3Ageg==
x-blaize-request
ffffffffc41ec666
wp-emoji-release.min.js
nypost.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://nypost.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:05 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"650db6bd-48b9"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
nyp-slideshow-modal-styles.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
2 KB
631 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/nyp-slideshow-modal-styles.min.css?ver=fdcb808d1e08b537f98e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3678aab0b3567729e07aeb488a538c7417e763aff7967d1cb60b47ecc23dc7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-6d5"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
index.css
nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/
5 KB
1 KB
Stylesheet
General
Full URL
https://nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/index.css?ver=0a8eecac915890e1bf24
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1574ec82e9639e92b14f9f29da076c74b16d9461a746192bd9428b7aa1254ec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-138b"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
style.min.css
nypost.com/wp-includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
https://nypost.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:03 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"650db6bb-15b64"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
mediaelementplayer-legacy.min.css
nypost.com/wp-includes/js/mediaelement/
11 KB
3 KB
Stylesheet
General
Full URL
https://nypost.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:04 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"650db6bc-2bf8"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
wp-mediaelement.min.css
nypost.com/wp-includes/js/mediaelement/
4 KB
1 KB
Stylesheet
General
Full URL
https://nypost.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:05 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"650db6bd-105a"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
en.json
cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/79893a67-1b64-44b5-9e00-2b4149a2aeb0/
783 KB
107 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/6c0f8417-b563-477c-8b00-33914cb4600e/79893a67-1b64-44b5-9e00-2b4149a2aeb0/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07c21d52204f6df0f2295eac770281a8f9c0eeb50f00a45dec9e35c9cabd6df4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
770
content-md5
ERx2gPTlbz6qwAWru43S4g==
content-length
109422
x-ms-lease-status
unlocked
last-modified
Fri, 14 Jul 2023 15:37:56 GMT
server
cloudflare
etag
0x8DB84804B90CD8C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
535e87ef-001e-00b3-2769-b62261000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e581862ca01daa-FRA
expires
Sat, 30 Sep 2023 16:12:08 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/
387 KB
55 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ce458c194c779bda4f688e53a08b27ef39840fdc98b99a2828a6eb286f47c6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
oEQk6DtpaOU77hQDqukzEA==
age
37021
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
56427
x-ms-lease-status
unlocked
last-modified
Fri, 29 Sep 2023 01:13:33 GMT
server
cloudflare
etag
0x8DBC0894C899EC8
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4f7e8974-e01e-0055-3790-f22908000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e581862ca21daa-FRA
otTCF.js
cdn.cookielaw.org/scripttemplates/6.39.0/
68 KB
15 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7+d5z1W8EcmBqv81Q4Kzhw==
age
37208
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
15011
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:02 GMT
server
cloudflare
etag
0x8DA87805DD135D9
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d39cd3e4-301e-0178-45e1-5af604000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e581866dee5d4e-FRA
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=pyz4pvc&ht=tk&f=39500.39501&a=738589&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pyz4pvc.css?ver=1f80c88e15fbd872e9d2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:ef1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/pyz4pvc.css?ver=1f80c88e15fbd872e9d2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
blocks-betting-offer.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
2 KB
638 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-betting-offer.min.css?ver=36198e80e2d0f7048c79
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4d098860773d68c5d80ac5f428b3c1d0ed991cb1f89964c20d059cb645aa4494
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515d142-810"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-button.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
2 KB
654 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-button.min.css?ver=512bdd0fe42491bc570a
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ad5f11dd00d48d6058bb7ab44edeb643ccb1c0ad2fc53703f3e898ef0229b681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-734"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-primary-tag.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
3 KB
772 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-primary-tag.min.css?ver=21a82a87bed2ec83851b
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
54884e22a5a776b6c7eb41ae0e119b2ac1d2ba8765b063811b485dea1b8de946
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-b4e"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-gracenote.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
407 B
454 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-gracenote.min.css?ver=0ec0bd194e069b461720
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
617bf1c27e03853ae5fa288ae5361889fc49736672164dbfd2007a2dcb8be86b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 185 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-197"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
407
blocks-info-box.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
547 B
335 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-info-box.min.css?ver=59f9cfec8cb76e051ebd
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c9cef747eb759ceb172aaaba4857e1f3a31c5894e7448dd79818ef717ec94bd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-223"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-list.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
1 KB
432 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-list.min.css?ver=c25122c3781a3cce2f2d
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bea78c373ea76ea89c8ec1a21b6989b051fa55ac737af65b7ee0bae59eac9e30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-44a"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-newsletter.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
4 KB
981 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-newsletter.min.css?ver=a368d4c69bfc3b246091
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9ed96d3023e9f7b4ec4992578c70790583f41d3dbcca81f6e3f6d73a4889ab84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-10af"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-syndicated.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
1 KB
381 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-syndicated.min.css?ver=00f9c28724565db7d6bc
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c86554a8933a7bdf79a3d3ec72511c6091be0487cfef52a044214d68697dcff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-440"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-related-post.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
527 B
262 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-related-post.min.css?ver=0a188ea2358131801982
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
683245d5f3f9976ce066aa5d899f8c533bec2ab49b9a848f1d19825c0b791566
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-20f"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-review.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
1 KB
434 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-review.min.css?ver=d55d56f644fdf8e003fc
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
badbcf045249cc5d9eab597c09eac8e1e4cac6d32f71d0b73213411bec24040e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-422"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-comments.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
623 B
357 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-comments.min.css?ver=b31677c57ff0449031c7
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
451ce2bcc056a9985c7d83a91689076e08450f9f5375b3f35ee6a6ff454eb6a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-26f"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
blocks-promo.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
2 KB
563 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-promo.min.css?ver=6d3780c6e29cae6a391d
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1d5efa1877ba09128cd3c07a1c9e9e0b2f7579817311cfd00b01a835d32634a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-734"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
widget.subscribe.css
nypost.com/wp-content/plugins/sailthru-wordpress-plugin/css/
2 KB
822 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/plugins/sailthru-wordpress-plugin/css/widget.subscribe.css?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-9a1"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
social-logos.min.css
nypost.com/wp-content/mu-plugins/jetpack-11.3/_inc/social-logos/
12 KB
8 KB
Stylesheet
General
Full URL
https://nypost.com/wp-content/mu-plugins/jetpack-11.3/_inc/social-logos/social-logos.min.css?ver=11.3.2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 18:11:24 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515c1cc-2f4a"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
pb.js
pbcs.nypost.com/p/nyp/nyp/
813 KB
181 KB
Script
General
Full URL
https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:262b:fa00:13:af59:7380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68d915d90152855140b5fda03f779e6d2795a8913b86ae33e9eb54d3e8869057

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:08 GMT
Content-Encoding
br
Via
1.1 e1c8225b86f394718e093d7bbdef7fa2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CDG52-P5
Age
3
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
x-amz-meta-server-side-encryption
AES256
Last-Modified
Mon, 11 Sep 2023 19:00:31 GMT
Server
AmazonS3
ETag
W/"fd707563d0a395e4d957dd954cf270ae"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
X-Amz-Cf-Id
zUpZsvqfg8f8yhGM1AZLAVv8ZKb4GvD9v7IbEbU9nVHqokHQymeFiQ==
28b907db-50ab-433d-bf84-4da2d60824bc
player.ex.co/player/
621 KB
181 KB
Script
General
Full URL
https://player.ex.co/player/28b907db-50ab-433d-bf84-4da2d60824bc?ver=1.0.0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3749cc39c040db386f013152979e32029979e464447878c87a9a54b239577b65
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 29 Sep 2023 16:12:08 GMT
via
1.1 varnish, 1.1 varnish
age
1560
x-cache
MISS, HIT
content-length
185096
x-served-by
cache-iad-kcgs7200154-IAD, cache-fra-eddf8230062-FRA
server
nginx
x-timer
S1696003928.351218,VS0,VE2
etag
W/"9b3d9-yckZH24tgGcOWjZbYMhlidnmamg"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 1
tag
btloader.com/
Redirect Chain
  • https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
  • https://btloader.com/tag?h=nypost-com&upapi=true
15 KB
7 KB
Script
General
Full URL
https://btloader.com/tag?h=nypost-com&upapi=true
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37abef88a91af49d4c28175753243e01c7c6bc5366e643432a21615799c7f8a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 15:44:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1431
etag
W/"470f7a2b4333144b03968040209f494e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vlcQ2NEqLctl6qBS%2FzaXf%2BlN7KPfUjxQ6w61dkkvYAQ9SF%2B%2BbLyWMpQcaj4a4G83xI6XsSt7vWGAQx%2BFNZZMap1IyJN8Q3XEuLDx5hnGq3MX4Vm9GDIcnLA9w3GxSIP0YRPGJqpK%2FbwUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
80e58188ef1190fe-FRA

Redirect headers

date
Fri, 29 Sep 2023 16:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iP1l%2F%2B6QFJKtLhosqCWU8dtQ0zS%2FM9CtH6hbHUBiOZJkVaOP0ICojmVRrM8p%2BAKqoYcO3lmUHtvo%2BZMoxcrSNfbzRpcJPTMT0gaMUpeHKaZwS71fV9rVI%2FT%2F1gKMxtpyxODZNxIwK4L0XAfv3YmOpLeWRpr27tfAoIVS"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=nypost-com&upapi=true
cache-control
max-age=3600
cf-ray
80e581882b7c363c-FRA
expires
Fri, 29 Sep 2023 17:12:08 GMT
vendor-dompurify.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/
20 KB
8 KB
Script
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/vendor-dompurify.bundle.js?ver=7a769f1ea2277539e74a
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
affe42e5878cb6a6d888d239d3a3f211f395539eba2813a8bba74593dcc50107
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-5060"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
pyz4pvc.css
use.typekit.net/
2 KB
873 B
Stylesheet
General
Full URL
https://use.typekit.net/pyz4pvc.css?ver=1f80c88e15fbd872e9d2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6f8b2b91c0a7c18a0eafd67bcaa80fdb350695ecc4d866f71728c74a8f886598
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 29 Sep 2023 16:12:08 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
650
nyp-slideshow-modal-styles.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
2 KB
577 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/nyp-slideshow-modal-styles.min.css?ver=fdcb808d1e08b537f98e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3678aab0b3567729e07aeb488a538c7417e763aff7967d1cb60b47ecc23dc7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-6d5"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
index.css
nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/
5 KB
1 KB
Stylesheet
General
Full URL
https://nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/index.css?ver=0a8eecac915890e1bf24
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1574ec82e9639e92b14f9f29da076c74b16d9461a746192bd9428b7aa1254ec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-138b"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
style.min.css
nypost.com/wp-includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
https://nypost.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:03 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"650db6bb-15b64"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
mediaelementplayer-legacy.min.css
nypost.com/wp-includes/js/mediaelement/
11 KB
3 KB
Stylesheet
General
Full URL
https://nypost.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:04 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"650db6bc-2bf8"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
wp-mediaelement.min.css
nypost.com/wp-includes/js/mediaelement/
4 KB
1 KB
Stylesheet
General
Full URL
https://nypost.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:05 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"650db6bd-105a"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
global-assets.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/
5 KB
2 KB
Script
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/global-assets.bundle.js?ver=81bc11587b260908492e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e948eb7fd66f63fa94dee8b077495ba1c4053573182d8aebf90aa1db18d95245
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515d142-1387"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
header-footer.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/
12 KB
4 KB
Script
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/header-footer.bundle.js?ver=51319387dd635cf2f21d
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
819dcb4ae19b3c27e3374d9fa37ed58caaaaf3b897a9d80bf4046f3765da89f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515d142-30f2"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
analytics.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/
3 KB
1 KB
Script
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/analytics.bundle.js?ver=cb61dde09f034628b230
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
32ad2ce0b3c149e8e9e90671f4dda953c5cb04a744e4bb83c35e3e8c10fc3173
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-c73"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
zephr.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/
8 KB
3 KB
Script
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/zephr.bundle.js?ver=41473408724f45207d69
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
411c8ac2a8c4eb17f5f1d0d9419a21235a8dbb20b4fcd49d8dde46ed9178298d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-1f34"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
templates-shared-article-like.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/
18 KB
6 KB
Script
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/templates-shared-article-like.bundle.js?ver=498d9e2ff075ccc05dcf
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
557dd5d6af85b5639c20b92b58670a12f90b7d07a6f1277464fd05502e8b419b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515d142-46df"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
templates-shared-article-like-scripts.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/
4 KB
2 KB
Script
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/templates-shared-article-like-scripts.bundle.js?ver=554505b6ae8a5c99f28f
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
83c3b0cd425750525a180e93326fcd9d74f41597088f5957fe1d96d93ceb5f9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-1174"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
templates-shared-interior-with-sidebar.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/
0
22 B
Script
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/templates-shared-interior-with-sidebar.bundle.js?ver=f1da12d770724a568e79
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 185 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
membership-shared.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/
0
22 B
Script
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/membership-shared.bundle.js?ver=24f7074e7dc2f3dceae9
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 185 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
membership-nypost.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/
0
22 B
Script
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/membership-nypost.bundle.js?ver=e4d437a63cbbf5dddaac
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
widgets-zone.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/
0
34 B
Script
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/widgets-zone.bundle.js?ver=c4a2c8a6199c4d89e1e9
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-0"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
0
regenerator-runtime.min.js
nypost.com/wp-includes/js/dist/vendor/
6 KB
2 KB
Script
General
Full URL
https://nypost.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:04 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"650db6bc-194b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
wp-polyfill.min.js
nypost.com/wp-includes/js/dist/vendor/
19 KB
7 KB
Script
General
Full URL
https://nypost.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:04 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"650db6bc-4ac6"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
hooks.min.js
nypost.com/wp-includes/js/dist/
5 KB
2 KB
Script
General
Full URL
https://nypost.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:04 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"650db6bc-132e"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
i18n.min.js
nypost.com/wp-includes/js/dist/
10 KB
4 KB
Script
General
Full URL
https://nypost.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Fri, 22 Sep 2023 15:46:04 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"650db6bc-27ee"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
button_3_bg-2.png
nypost.com/wp-content/uploads/sites/2/2023/02/
3 KB
3 KB
Image
General
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/02/button_3_bg-2.png?resize=231,45
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
73d3b0665c9ba0323fbadb5cd70a07ec2fdd1a7b2e550709a93c2a51027cfa15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 88 443
last-modified
Fri, 28 Jul 2023 08:02:44 GMT
server
nginx
etag
"ab5384986f0d3c3a"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2882
flbuttons.min.js
cdn.flipboard.com/web/buttons/js/
7 KB
4 KB
Script
General
Full URL
https://cdn.flipboard.com/web/buttons/js/flbuttons.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:1200:e:5a70:ca40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f039e32c9e62cd2acc5bf02dec7282686e6f41be6b01bfa249f9590cda747cba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 22:49:08 GMT
content-encoding
gzip
via
1.1 b6e86319773f95421e5e42f048890d7c.cloudfront.net (CloudFront)
last-modified
Wed, 23 Dec 2020 17:43:48 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1608743508/ctime:1608745368/gid:1000/gname:ubuntu/md5:e9b04ad509ffb00302d9625f75774548/mode:33204/mtime:1608745368/uid:1000/uname:ubuntu
x-amz-cf-pop
AMS58-P3
age
62580
etag
W/"e9b04ad509ffb00302d9625f75774548"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
x-amz-cf-id
pbRfjtublVRLnwQGEH14LBIcLeEAum6vzioW6vW2JjHIhJzUMZmblA==
NYPICHPDPICT000006391914.jpg
nypost.com/wp-content/uploads/sites/2/2023/09/
41 KB
41 KB
Image
General
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/NYPICHPDPICT000006391914.jpg?resize=1024,683&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3060211fa73da094eecf50b187d55b708d6b351d2d35689fa23d5692d2617e6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 139 443
last-modified
Thu, 28 Sep 2023 23:43:31 GMT
server
nginx
etag
"c69c809accbd7334"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
41698
sp_Sx8YukwE
launcher.spot.im/spot/
90 KB
22 KB
Script
General
Full URL
https://launcher.spot.im/spot/sp_Sx8YukwE
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-114.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cae0864882dadea255539e23f6438d8b792933903e9b4e2771eb85e0b37d7145

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
KbMK8sjH74PgDAE9HI4DX35wxP3bGMVq
content-encoding
br
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 16:09:52 GMT
x-amz-cf-pop
FRA50-C1
age
137
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22354
last-modified
Wed, 27 Sep 2023 12:45:22 GMT
server
AmazonS3
etag
"b30ff3913136c763e16a097aa0333fc0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
a9NzJzeyZ5w79kot8OVVhR8qVAbYnfEcG5L0-4gHoA0ha-x6wblz9g==
otFlat.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xx897lTVYGjMQiwuGCrzDA==
age
34504
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:55 GMT
server
cloudflare
etag
0x8DA87805972EF22
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
76a6d10c-f01e-00ad-3fe1-5af88c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e581874e301daa-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/
63 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc5068304cfb22bbddb5a9800f7c59d843824381ad7183f89291ae41a6d09b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
PpYet/3D+UMQBHrd1SR49w==
age
72809
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13981
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:58 GMT
server
cloudflare
etag
0x8DA87805B3CBC97
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
87409a01-001e-0134-04e1-5a311b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e581874e321daa-FRA
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/6.39.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ssl6Phwu9+sah2W05EtyUQ==
age
37006
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1767
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:30:57 GMT
server
cloudflare
etag
0x8DA87805A8DD1F0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
373f1bc7-401e-0015-6fe1-5a1a7f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e581874e341daa-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.39.0/assets/
22 KB
5 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
B55i3ZY9miZIaUrwjufy0w==
age
37248
x-ms-lease-status
unlocked
last-modified
Fri, 26 Aug 2022 16:31:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
fcd7a89c-501e-0105-61e1-5a6acc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
80e581874e351daa-FRA
header-footer.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
24 KB
6 KB
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/header-footer.min.css?ver=68942ac49cc4d0281af6
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
aa75fa22ae72c1b4edfbca3f4e9c8f3b57244c5674346e5301af41125b389b57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-6190"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
vip-powered-dark-small.png
nypost.com/wp-content/mu-plugins/vip-helpers/images/
2 KB
2 KB
Image
General
Full URL
https://nypost.com/wp-content/mu-plugins/vip-helpers/images/vip-powered-dark-small.png?ver=20220317
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b0b26fb8e1318f612e7bc978307f18fc79b93bc58e8b7311eed80de7b21e45ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Mon, 25 Sep 2023 17:03:51 GMT
server
nginx
etag
"6511bd77-849"
x-cache
HIT
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2121
index.js
nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/
15 KB
5 KB
Script
General
Full URL
https://nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/index.js?ver=0a8eecac915890e1bf24
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1e46342c0be92982579a97285a650bb33f8cec310189760e860564b45b42ba1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-3a03"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
app.bundle.min.js
nypost.com/wp-content/plugins/nyp-zephr/build/
303 KB
97 KB
Script
General
Full URL
https://nypost.com/wp-content/plugins/nyp-zephr/build/app.bundle.min.js?ver=1f80c88e15fbd872e9d2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7cc16a477c1a90bfd29f57eb3a725e7f3ad44be936b0d800a9045ec0857f67eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-4bce1"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
main.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/
729 KB
213 KB
Script
General
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=f99e4035936e2cd00335
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
01b7e314743f8a5c5ce3167eff99cacd2a4cc0719a2333ab9060cde899c26004
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515d142-b6472"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
blocks-related-video.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/
1 KB
686 B
Script
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/blocks-related-video.bundle.js?ver=0d4d1b6aabfcc8a940fc
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9b5482933146ef854dc6abdb4fe947ff1479d8e79f27d486bb9803bae120dae7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-4bd"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
akismet-frontend.js
nypost.com/wp-content/mu-plugins/akismet/_inc/
10 KB
3 KB
Script
General
Full URL
https://nypost.com/wp-content/mu-plugins/akismet/_inc/akismet-frontend.js?ver=1695745536
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Mon, 25 Sep 2023 17:03:51 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6511bd77-29ed"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
nyp-show-ads.bundle.js
nypost.com/wp-content/themes/nypost-2016/client/build/js/
28 B
74 B
Script
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/js/nyp-show-ads.bundle.js?ver=869dd293421c93317414
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
37619e5369a3825b83c19196aa81cbe8e25a28ffad018fd9667af11c6b4838ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-1c"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
28
sharing.min.js
nypost.com/wp-content/mu-plugins/jetpack-11.3/_inc/build/sharedaddy/
8 KB
3 KB
Script
General
Full URL
https://nypost.com/wp-content/mu-plugins/jetpack-11.3/_inc/build/sharedaddy/sharing.min.js?ver=11.3.2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9eff412c1198930f1d219490894e17733ccd8b992e9ddb7546971f783c00431e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 18:11:24 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515c1cc-2145"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
e-202339.js
stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202339.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/13576-1684461103136.7104
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 22 Sep 2024 23:30:25 GMT
conversion.js
www.googleadservices.com/pagead/
50 KB
19 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9d4e281396b31c49f11066c0b5b6b4df80952f7d9cbe8debd41777e06ddab070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18630
x-xss-protection
0
server
cafe
etag
7951265875426957259
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 16:12:08 GMT
v2csnUsFoH1XR1oW51-C6NQBdGmIS6hRimi-eyRebi0VRmqDrwM_hCHQ
rebelhen.com/
72 KB
25 KB
Script
General
Full URL
https://rebelhen.com/v2csnUsFoH1XR1oW51-C6NQBdGmIS6hRimi-eyRebi0VRmqDrwM_hCHQ
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
30563cc285f3e9c8979922a21301d0b42ab7a1b3bdd3a07af7d1c79839e5b2ae
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 29 Sep 2023 16:12:08 GMT
x-datacenter
gce-europe-west1
etag
"f02e0f463fe85ad04d4af40ac5cdf92864348f045f26a983da9a8997823b070c"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-091r
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
998028631
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/
291 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
771676df0a22e07f73f7710292ec29b573ac81f5c107ae4d3527071d98343fd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
404 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5662149034f5fd127ca3fac155c369590a333672567f6d75983f58984d0b7d7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c66fcbd005b49322f31177cd407cb74dbcca28d8dd197efc3aa2e754e724450

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
500 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20b7efe8486155db01ea1304479465917360eb8fec4092f7592b5eabc9b24d53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
144 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbf903684c94e204498e6645da2359da42517d09a3d9c330f43e9c66fa58b5b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
419 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba0e4777ade6e76d319d95ffe9cf484ea240834e319431ff6b0a2a09bd2e3107

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
607 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa7791fec913342ea73faacc4e2b72f72e264b8d305946ddd559384bf4d124a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
l
use.typekit.net/af/384d9b/00000000000000007735bb6a/30/
25 KB
25 KB
Font
General
Full URL
https://use.typekit.net/af/384d9b/00000000000000007735bb6a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pyz4pvc.css?ver=1f80c88e15fbd872e9d2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1047020444e0f9d5830f2d569440909a6aaf61ef5b6db572bc3b9987f4b4f741

Request headers

Referer
https://use.typekit.net/pyz4pvc.css?ver=1f80c88e15fbd872e9d2
Origin
https://nypost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
server
nginx
etag
"23427917d6d72688888854d7151dc7962d8d8301"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
25828
l
use.typekit.net/af/fcc1c9/00000000000000007735bb6c/30/
27 KB
27 KB
Font
General
Full URL
https://use.typekit.net/af/fcc1c9/00000000000000007735bb6c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/pyz4pvc.css?ver=1f80c88e15fbd872e9d2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c8303d94c22f8d08a2bbf554557afbb554161aa594d248b2c77286b1d3c98252

Request headers

Referer
https://use.typekit.net/pyz4pvc.css?ver=1f80c88e15fbd872e9d2
Origin
https://nypost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
server
nginx
etag
"4a18a3989731aaa007ed313e06dcae2e9eeac63d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27920
NYPICHPDPICT000052390351.jpg
nypost.com/wp-content/uploads/sites/2/2023/09/
115 KB
115 KB
Image
General
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/NYPICHPDPICT000052390351.jpg?resize=1024,894&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a452abd2e89e6b395ae78fb469f4c16387a37f725c91911f6ed7e028ad3b8265
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 144 443
last-modified
Thu, 28 Sep 2023 23:43:31 GMT
server
nginx
etag
"0baf310d02ff3deb"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
117674
NYPICHPDPICT000052404500.jpg
nypost.com/wp-content/uploads/sites/2/2023/09/
50 KB
50 KB
Image
General
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/NYPICHPDPICT000052404500.jpg?resize=760,1024&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9909ab1183fbe48533f5da95eee6df77e9f896db26be44322d78b85fcd76ee39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 88 443
last-modified
Fri, 29 Sep 2023 00:36:37 GMT
server
nginx
etag
"044b3a9213abf48e"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
51210
NYPICHPDPICT000052404465.jpg
nypost.com/wp-content/uploads/sites/2/2023/09/
20 KB
20 KB
Image
General
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/NYPICHPDPICT000052404465.jpg?resize=683,1024&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6a3249280067c7ad550fce97c84e4bd3a0c019dbabd1bf073e514d8b3e1ec3c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 196 443
last-modified
Fri, 29 Sep 2023 00:36:37 GMT
server
nginx
etag
"bf4207244e856ff5"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20842
NYPICHPDPICT000015491939.jpg
nypost.com/wp-content/uploads/sites/2/2023/09/
31 KB
31 KB
Image
General
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/NYPICHPDPICT000015491939.jpg?resize=1024,683&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c63ce08d76a8c6731e671fba9f1766751997b35a2e3914fc6238ae12dd808ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 84 443
last-modified
Fri, 29 Sep 2023 00:51:57 GMT
server
nginx
etag
"506f48843a5a578d"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
31478
NYPICHPDPICT000014618309.jpg
nypost.com/wp-content/uploads/sites/2/2023/07/
8 KB
8 KB
Image
General
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/07/NYPICHPDPICT000014618309.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
094e34495daeac2cdad47cf80071d73ddd79df53f398481670149a12a5557f19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 84 443
last-modified
Thu, 28 Sep 2023 14:18:44 GMT
server
nginx
etag
"8ca449bc695dd556"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8000
steve-cuozzo.png
nypost.com/wp-content/uploads/sites/2/2013/08/
3 KB
3 KB
Image
General
Full URL
https://nypost.com/wp-content/uploads/sites/2/2013/08/steve-cuozzo.png
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
349df22cb172fd371a26edd8d44c67c95482024430cef8b4c670bf1611931c38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 144 443
last-modified
Fri, 28 Jul 2023 08:03:30 GMT
server
nginx
etag
"63150d421930b2d9"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3166
Gasparino_Charles_headshot.png
nypost.com/wp-content/uploads/sites/2/2013/08/
3 KB
3 KB
Image
General
Full URL
https://nypost.com/wp-content/uploads/sites/2/2013/08/Gasparino_Charles_headshot.png?resize=76,69
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
55dd4ba6e098e26dac8be59dda435f7844345767358dacfcb0a00a40c2a99824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 196 443
last-modified
Fri, 28 Jul 2023 08:03:30 GMT
server
nginx
etag
"0fae0d78df510b76"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2612
author-jennifer-gould.png
nypost.com/wp-content/uploads/sites/2/2013/08/
4 KB
4 KB
Image
General
Full URL
https://nypost.com/wp-content/uploads/sites/2/2013/08/author-jennifer-gould.png?resize=76,69
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
04fd2eb2bc507768f6108f6ddf341a2debeff3a415b41dd6f35d1fd6654745c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 198 443
last-modified
Fri, 28 Jul 2023 08:02:48 GMT
server
nginx
etag
"1a1b1b8d5d2d4c6d"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4460
trump-links.gif
nypost.com/wp-content/uploads/sites/2/2023/09/
658 KB
658 KB
Image
General
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/trump-links.gif?resize=260,174
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
508b39171159eeb71a492570d41c7ac37ed69a392ed59d2969492b108f764aea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 32 443
last-modified
Thu, 28 Sep 2023 21:37:18 GMT
server
nginx
vary
Accept
x-cache
HIT
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
673354
NYPICHPDPICT000031577458.jpg
nypost.com/wp-content/uploads/sites/2/2023/09/
5 KB
5 KB
Image
General
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/NYPICHPDPICT000031577458.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0f0402599dfd7798a105e379ac33c7c4d2060999ea54a7bf81f18589d4e2539e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 139 443
last-modified
Wed, 27 Sep 2023 21:30:24 GMT
server
nginx
etag
"7d76a22db5943213"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4838
NYPICHPDPICT000053116793.jpg
nypost.com/wp-content/uploads/sites/2/2023/09/
11 KB
11 KB
Image
General
Full URL
https://nypost.com/wp-content/uploads/sites/2/2023/09/NYPICHPDPICT000053116793.jpg?resize=260,174&quality=75&strip=all
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d9234d546d7fb5bf401aeca3c9678094ada764ea670289e465866b075b79d2a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 109 144 443
last-modified
Fri, 29 Sep 2023 13:04:33 GMT
server
nginx
etag
"38b579e20083dac7"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
content-length
11506
gtm.js
www.googletagmanager.com/
261 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0a6258537b45f91ef20d72cd65e83df695a017bdbaa1adcc6be5754e2e1b4743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88411
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 Sep 2023 16:12:08 GMT
grunion.css
nypost.com/wp-content/mu-plugins/jetpack-11.3/modules/contact-form/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://nypost.com/wp-content/mu-plugins/jetpack-11.3/modules/contact-form/css/grunion.css?ver=11.3.2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0926141b446eaacbb79f08a953b7b0a3c7ec73bdd5089af412f4a043944db6fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 18:11:24 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515c1cc-1081"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
340.js
nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/
0
24 KB
Other
General
Full URL
https://nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/340.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/index.js?ver=0a8eecac915890e1bf24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-142ed"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
slideshow-swiper.js
nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/
0
728 B
Other
General
Full URL
https://nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/slideshow-swiper.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-slideshow-modal/build/slideshow-modal/index.js?ver=0a8eecac915890e1bf24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-610"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
569570d532fa6c2737ee3dccac947e9f02fbb9dde932e4f704d7ba37ca0fc7f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
353 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4808c8e8e2350265366b6e9b590043f18be423649ffdfaaa4a87c4edc2961d5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
342 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
538be4d0f583d206b41eaf40ba202b642d3b7bca07ad734c834ef7ad8d13a700

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
blocks-core.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
19 KB
2 KB
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/blocks-core.min.css?ver=5d8efb9cbff3dce0c73f
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
13999a8611659365a88f9dd85c252af76e7f72b032ccc0fed703910b796e4776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-4bca"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
zephr.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
659 B
312 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/zephr.min.css?ver=3449ace190db7537ddda
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f32d102a1a3f45bac46140601a6f5d47e1a3e9711cbdc9f942e751f3354f2a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-293"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-article-like.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
18 KB
5 KB
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-article-like.min.css?ver=760ad67c04ce3ae5f56e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7a0e8cb59a8b9b723a2e298c769bcea0631bd75c7442e21702deed1d6c2813c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515d142-4767"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-article-like-scripts.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
1 KB
515 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-article-like-scripts.min.css?ver=aaf6531c874770c22709
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9dd7f3509b0c04a53f7a60edd65fd4dafd9c5c8723ba3296de33dacb56e21ff2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515b5e3-411"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
templates-shared-interior-with-sidebar.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
6 KB
886 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/templates-shared-interior-with-sidebar.min.css?ver=8292a2721a6f812743bc
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4e1dd78ad69fc4a0df1f0edb67f6c10bcbf16057588c2b6f7535930e967ef742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515b5e3-16c2"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
membership-shared.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
209 KB
51 KB
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/membership-shared.min.css?ver=6b62e74d1e3975a217dc
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
60ef4cc14c7ddf4064f13e86655ef0186713e3eb6aeba049195017225d9733df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515d142-3420b"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
membership-nypost.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
55 B
88 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/membership-nypost.min.css?ver=9416c23049560a0f89bf
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b5f3bbe93348fab76879e3ab81573722f59275cac4ea155a61cc1c23d8e12491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 185 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-37"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
55
widgets-zone.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
150 B
192 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-zone.min.css?ver=599db50c91ffec1aaad0
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
199e4835af79f304e97b71d6bd8c6e970c7d03c607f8b2cec52cc93ae73b5ab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-96"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
150
widgets-columnists.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
147 B
193 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-columnists.min.css?ver=23a33cab9303ca6a8fdf
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0e97d52a6226cb2c5eb448d4007f35ce6382a32089ed7d25452b16713665c93f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 185 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-93"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
147
widgets-trending-now.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
147 B
177 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-trending-now.min.css?ver=96757172c641c255fb9e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
fa34a2e5ec9044ed1dc5bf38ec8144a0dcdf4abf25476015a0c4f3b36fa55d01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-93"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
147
widgets-now-on.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
313 B
356 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-now-on.min.css?ver=4ad4e48c5f61a81ba0da
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d49d25a875c1d1762e5ef7b96b771c64139c0aef85ce501c421e501242e1f98b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-139"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
313
widgets-custom-posts.min.css
nypost.com/wp-content/themes/nypost-2016/client/build/css/
68 B
101 B
Stylesheet
General
Full URL
https://nypost.com/wp-content/themes/nypost-2016/client/build/css/widgets-custom-posts.min.css?ver=46d34fcb7e0fa5cd7fc5
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
510bad5273617bc2a9e70742b2228b4164f3e48623822da557d1ef9102b81eb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
strict-transport-security
max-age=31536000
x-rq
hhn1 96 184 443
last-modified
Thu, 28 Sep 2023 17:20:35 GMT
server
nginx
etag
"6515b5e3-44"
x-cache
HIT
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
68
1630.4430baf296cafac9c7ab.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/
2 KB
1 KB
Script
General
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/1630.4430baf296cafac9c7ab.bundle.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=f99e4035936e2cd00335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a610a6a0c31cde4c57235319e2d87775c6edce8a7f34481da6b4566bb7c07501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:21 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515d141-8d0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
5908.4001815fd88e7dc1e883.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/
605 B
483 B
Script
General
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/5908.4001815fd88e7dc1e883.bundle.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=f99e4035936e2cd00335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8881b6734eaa1ef2330b7ba22a9edf08afe8d4fe3bec5ba8edb3d90eedb888d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:22 GMT
server
nginx
x-rq
hhn1 96 184 443
etag
W/"6515d142-25d"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
1706.9cc9f8953b66d584b90f.bundle.min.js
nypost.com/wp-content/plugins/nyp-membership/build/
618 B
496 B
Script
General
Full URL
https://nypost.com/wp-content/plugins/nyp-membership/build/1706.9cc9f8953b66d584b90f.bundle.min.js
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=f99e4035936e2cd00335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0661ebcdc864598ea7c0f4811aa08de5f2feaf045e2b9ec9c2aae351a47a52d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 28 Sep 2023 19:17:21 GMT
server
nginx
x-rq
hhn1 96 185 443
etag
W/"6515d141-26a"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31536000
events
direct-events-collector.spot.im/api/v2/
0
214 B
XHR
General
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-111.cdg50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 16:12:08 GMT
via
1.1 d08ef1d82ea76b1946793490968859d0.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
x-amz-cf-id
BtI8TnrvQytu5TNGMAFkikX2jUootXEEQaW8nx4-snsEQcuZoNOlvw==
x-cache
Miss from cloudfront
386-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/
65 KB
20 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/386-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15a9f49cc3a39df9a27bdaa93d86169a965bb6fb33657ead545c60213e72805a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 11:44:58 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
jjM89AYTFYB6FwGaKI9hrRuhdZPYKcj9
x-amz-cf-pop
FRA56-P6
age
1916830
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
20181
last-modified
Thu, 07 Sep 2023 11:16:14 GMT
server
AmazonS3
etag
"186a7e4d75bd7f354c4ddafa2445e787"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
qhau0K7vVdWMEr5E8hq0VtpIQBrdJ7y7FCwdz4P7NHTukxEznhD-hw==
808-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/
99 KB
28 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/808-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3754dbfeb713284ee6f058a608abd3f00206ea605031f87dbeffbfd60845e41a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 11:44:58 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
GWaxJfbNnTqgDjxstszscDKwgPeGX6mx
x-amz-cf-pop
FRA56-P6
age
1916830
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
28204
last-modified
Thu, 07 Sep 2023 11:16:14 GMT
server
AmazonS3
etag
"287ebf385d2d46742c0fcc05c8e9f3c0"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Ehr2YZd7dSVYIHzODZYN15VJh4Kf2oi2Uq1hRz2KisOP8PrVwF__CQ==
891-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/
11 KB
4 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/891-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d851b822de46bf5127bf5911015991e78e5b45cd26e1ab578efa84b9487d67e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 11:44:59 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
WuPoHjCN0bKc7TLy3Yr8Q_onBogr9.NF
x-amz-cf-pop
FRA56-P6
age
1916830
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3571
last-modified
Thu, 07 Sep 2023 11:16:14 GMT
server
AmazonS3
etag
"6b10e4ef0f8c722c6ba25c02728c04c5"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
2kVXFAAcy-dG0EFnj0NY6ehdBUelX89EpRy_zVGpbl5A8rRXQDZiAg==
initial-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/
29 KB
9 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/initial-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4471f5df0b83a3428698a951af7a8c8c26ae4f072ad4a8ad3c1416b6599c964

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 11:44:59 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
LLu108JaImi0HgEGtUB2lSGTfy3MIej.
x-amz-cf-pop
FRA56-P6
age
1916830
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
9006
last-modified
Thu, 07 Sep 2023 11:16:14 GMT
server
AmazonS3
etag
"854cb463ff9b3ecf503de60676ff7918"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
0HMJNRhb7vrafQav1-fwLOnVr2sM2NPWtXah5qlAEdVYCYXeq_5M4Q==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/
0
0
Fetch
General
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-10.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 03:25:20 GMT
via
1.1 bf1322673c76eb0dbc1cb8544c47f1e2.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
46009
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
accept-ranges
bytes
content-length
0
x-amz-cf-id
3tW6tNoFrIIrvdg5evhYcmrTft7yclkcIU-bj77S47eux0EHaRq1wA==
clear.gif
cdn.flipboard.com/dev_O/
43 B
493 B
Image
General
Full URL
https://cdn.flipboard.com/dev_O/clear.gif?utm_source=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:1200:e:5a70:ca40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 06:30:38 GMT
via
1.1 b6e86319773f95421e5e42f048890d7c.cloudfront.net (CloudFront)
last-modified
Wed, 23 Dec 2020 17:41:53 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1608745226/ctime:1608745224/gid:20/gname:staff/md5:ad4b0f606e0f8465bc4c4c170b37e1a3/mode:33188/mtime:1608745180/uid:501/uname:greg
x-amz-cf-pop
AMS58-P3
age
34890
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
43
x-amz-cf-id
pWDn6MpeAgr7OJS_GUKO7kCFOgzjQt78R6hJZCns8S8HWbCVpB7QXQ==
versions
player.ex.co/
1 KB
1 KB
Fetch
General
Full URL
https://player.ex.co/versions
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/28b907db-50ab-433d-bf84-4da2d60824bc?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7a363b5a341b6b643adc19efca2b2ba4f8199e84b0e946ba1427b8688fc734d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 29 Sep 2023 16:12:08 GMT
via
1.1 varnish, 1.1 varnish
age
60
x-cache
MISS, HIT
content-length
425
x-served-by
cache-iad-kjyo7100158-IAD, cache-fra-eddf8230108-FRA
server
nginx
x-timer
S1696003929.788842,VS0,VE0
etag
W/"467-2VGRmUR3Ffjq4gnUySqcN5O9vCM"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 2
decision-engine
zephr-v4.nypost.com/zephr/ Frame
0
0
Preflight
General
Full URL
https://zephr-v4.nypost.com/zephr/decision-engine?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-19.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
access-control-allow-methods
POST,PUT,PATCH,GET,DELETE,OPTIONS,HEAD
access-control-allow-origin
https://nypost.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Sep 2023 16:12:08 GMT
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-id
TIoZyTN1FvZowvbvtzxAXNkRZ0kMxCqp-1l2OiBMxvZ3cVor_lfxsw==
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
decision-engine
zephr-v4.nypost.com/zephr/
266 B
1020 B
Fetch
General
Full URL
https://zephr-v4.nypost.com/zephr/decision-engine?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=f99e4035936e2cd00335
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-19.fra56.r.cloudfront.net
Software
/
Resource Hash
9fa030bd8c5330c2e8e981e3449f052b5bdf950bf9bd955d93e0c02518805ca8

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
266
x-amz-cf-id
L2nRWGmdWX1ekfQD3r2JhQudWgBApwRY6CkhJAjUKCWvdxoCZ8zEXg==
access-control-allow-headers
Accept,Origin,Keep-Alive,Content-Type,User-Agent,Referer,Accept-Language,Cookie,Authorization,Cache-Control,Expires,Access-Control-Request-Method,Access-Control-Request-Headers,Accept-Encoding
x-blaize-request
55dc6206
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&hl=en
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=f99e4035936e2cd00335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e38eb3d2b538a6720761004893b118f40723de23a3c57df68b50d5037c50c8f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 29 Sep 2023 16:12:08 GMT
prebidrtdclient.js
warp.media.net/js/tags/
116 KB
37 KB
Script
General
Full URL
https://warp.media.net/js/tags/prebidrtdclient.js?cid=8CU3I8M1G&dn=nypost.com
Requested by
Host: pbcs.nypost.com
URL: https://pbcs.nypost.com/p/nyp/nyp/pb.js?ver=1.0.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c54799c176b73db64171672c674a450d4fc6bda4facd1f4d5c5484f9d461402
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Fri, 29 Sep 2023 16:12:08 GMT
server
Apache
etag
13220481328004461032
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
content-length
37855
expires
Fri, 29 Sep 2023 16:42:08 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/988380111/
4 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/988380111/?random=1696003928873&cv=9&fst=1696003928873&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tiba=Russian%20oligarch%20rented%20out%20landmark%20NYC%20mansion%20days%20before%20getting%20hit%20by%20US%20sanctions%3A%20sources&hn=www.googleadservices.com&us_privacy=1---&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cca47157e9a8c7fbe937ab8f34c9b60f2667de15d32251d7318bfb5291d60419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1674
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/
43 B
482 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=aqglya&adnum=239184
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 02:16:03 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
22254966
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
GNMaFlAyymdin3FZqRjgV03qIIfePgahP635aYl3wdlvDUUjaSfwIg==
state
api.btloader.com/mw/
0
101 B
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: nypost-com.videoplayerhub.com
URL: https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 16:12:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/
43 B
938 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1895037
x-guploader-uploadid
ADPycdvof54aj3nJF9j2pFkT7XyFfMr2eTNswXxrgFKh1yS0BnLimqeYg1sKLzp2-QT788JsKH4W5KoT_pem8-HW54kFdsBXjpPW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGvFLtvKdnAifc3xazVkqQjyCCI5QJ%2BK%2BNQ5XJMB6Tt3tHNs1%2BZNkdlGaU58Sc14X9bCxRzyDgjXDAfOO7fp6bSoNlMLj0YJg8Br3%2BbNx42q46jhy9g%2FU4qKPEO1qP%2FfXE6EgxcTwiYXfeDsSg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
80e5818bf8482bfc-FRA
expires
Thu, 07 Sep 2023 18:11:29 GMT
favicon.ico
ad.doubleclick.net/
1 KB
571 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24667
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Sep 2023 09:21:02 GMT
px.gif
ad-delivery.net/
43 B
350 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.2644436808498851
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1895037
x-guploader-uploadid
ADPycdvof54aj3nJF9j2pFkT7XyFfMr2eTNswXxrgFKh1yS0BnLimqeYg1sKLzp2-QT788JsKH4W5KoT_pem8-HW54kFdsBXjpPW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IKGFS8swzoCOSDfrrAC6%2BXIxG7t0Arn%2FQrqUCqe%2FzNGBMDgzr5VeB2mzGGC5ywdAB8uY9t6SVUkWdRJuYmKS0ggYPST5dvcp%2BVFtM%2BMnun0w%2B81JhsGe%2FOh%2BrY%2B%2F0zH7TseFj1g%2Ftt%2FDbB19w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
80e5818bf84a2bfc-FRA
expires
Thu, 07 Sep 2023 18:11:29 GMT
g.gif
pixel.wp.com/
50 B
93 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=163456144&post=28903831&tz=-4&srv=nypost.com&hp=vip&host=nypost.com&ref=&fcp=1703&rand=0.6395363661673295
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 16:12:08 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
903-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/
168 KB
47 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/903-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ceca202d09a5ef57f3134fe038d485e08ce70371bffadd01e88a43b880fb29b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 11:44:59 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
6boiYbJE0at55hTwzAvKgUjSseZwVvdx
x-amz-cf-pop
FRA56-P6
age
1916830
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
47407
last-modified
Thu, 07 Sep 2023 11:16:14 GMT
server
AmazonS3
etag
"9ca00fe3e2932d2f00f1570fcfb446fa"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
kfTfXPn_xPJma27RwhM93UblV7D0LNjmumyU_vLYB60SMl0F7h5dOg==
shell-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/
93 KB
21 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/shell-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e03f81e6ffc2bb0741a9e6db3dc37973da9082de612bcc8c3a9dc3c72908264

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 11:44:59 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
0W3x4dYjfY8XX.o8BqK1qqEqEMHrDatW
x-amz-cf-pop
FRA56-P6
age
1916830
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
20878
last-modified
Thu, 07 Sep 2023 11:16:14 GMT
server
AmazonS3
etag
"4100652392f7d8318c34addbe7f6232a"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
nb8hrhHPQS_ukAM5EMqRPggpoYi8xHMuuOma7Pv5e6063OgMcvRT4A==
blank.png
cdn.cookielaw.org/logos/8930e991-baac-4a05-89f0-fc400879fa8a/0489e0b3-45b9-44ef-bd10-68aee62b4a0e/2788269b-b46f-4e9a-afe9-1775559bbd27/
2 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/8930e991-baac-4a05-89f0-fc400879fa8a/0489e0b3-45b9-44ef-bd10-68aee62b4a0e/2788269b-b46f-4e9a-afe9-1775559bbd27/blank.png
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3229d1b3a2ceaf5cd78e728fef972048e012430d2bd31b69eddbb48d70b66dd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 16:12:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
SmtsaftXMon5dlVJkRpF/g==
age
32043
content-length
2031
x-ms-lease-status
unlocked
last-modified
Fri, 07 Jan 2022 20:35:06 GMT
server
cloudflare
etag
0x8D9D21D30D60623
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
0192f357-701e-009e-47e1-5aa1a1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e5818cee3d5d4e-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 16:12:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
3429
x-ms-lease-status
unlocked
last-modified
Thu, 28 Sep 2023 05:11:24 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
7e4c15bb-601e-0080-1336-f2c685000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
80e5818cee3e5d4e-FRA
nid_sp.js
nid.nypost.com/prod/sp/
73 KB
23 KB
Script
General
Full URL
https://nid.nypost.com/prod/sp/nid_sp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.206.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.206.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7f34c8e47b276629a716cea9d7e2555f948db14bd4d250c5b0af3b1092697a65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 15:16:47 GMT
via
1.1 google
content-encoding
br
age
3322
x-guploader-uploadid
ADPycdvG4-uBLvi98V1ekrwK8ZgHZm2XI3GDyywz6AXzjMlUHFV2Fd2Ztt7x-x2ae9XFb70OyJbMUyYfu5K-vdHMxPyOoK8jPXpU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23363
last-modified
Wed, 16 Aug 2023 07:10:34 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1692169834387192
x-goog-hash
crc32c=jx66WA==, md5=RzA+xGu4wsrxwc6aPvPtUw==
content-type
text/javascript
cache-control
max-age=2592000
x-goog-stored-content-length
74303
accept-ranges
bytes
js
www.googletagmanager.com/gtag/
253 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DZ7LHF5PZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TWX9Z9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
911efbd02dbc4ba7e63d84fb4fb4a364200be85ceba1d8c05703853f875acc35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88997
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 29 Sep 2023 16:12:09 GMT
country
api.btloader.com/
16 B
132 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: nypost-com.videoplayerhub.com
URL: https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:09 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=TxplHLxkSI&w=5766767856058368&o=5747039208996864&cv=2.1.17-2-g0b33bd3&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&sid=3Im0RwVTix&upapi=true
Requested by
Host: nypost-com.videoplayerhub.com
URL: https://nypost-com.videoplayerhub.com/galleryplayer.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 16:12:09 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
messages-count
open-api.spot.im/v1/
58 B
682 B
Fetch
General
Full URL
https://open-api.spot.im/v1/messages-count?spot_id=sp_Sx8YukwE&posts_ids=28903831
Requested by
Host: nypost.com
URL: https://nypost.com/wp-content/plugins/nyp-membership/build/main.bundle.min.js?ver=f99e4035936e2cd00335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-6.fra2.r.cloudfront.net
Software
/
Resource Hash
8d5d2d99b0a4a119eab3e2cff06305d66bebcd6b39eec5780b08a709c7a95993
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:09 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
x-spotim-bid
x-spotim-rid
content-length
58
x-spotim-vid
access-control-max-age
86400
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, HEAD, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid
access-control-allow-credentials
true
access-control-allow-headers
x-spotim-bid, x-spotim-rid, x-spotim-token, x-spotim-networkid, x-spotim-spotid, x-spotim-vid, Content-Type
x-amz-cf-id
iIFwSX0KXNJhI6YolLH6YxosyRTGlp2cP1eRoiiFRM-4ql86PXlzyQ==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/
458 KB
183 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b32785db8941f4503dfeb24b076e81c895483ae097c2354e058101d5282cae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Origin
https://nypost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 13:14:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187176
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 04:03:44 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Sep 2024 13:14:11 GMT
/
www.google.com/pagead/1p-user-list/988380111/
42 B
327 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/988380111/?random=1696003928873&cv=9&fst=1696003200000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tiba=Russian%20oligarch%20rented%20out%20landmark%20NYC%20mansion%20days%20before%20getting%20hit%20by%20US%20sanctions%3A%20sources&fmt=3&is_vtc=1&random=3781426524&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/988380111/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/988380111/?random=1696003928873&cv=9&fst=1696003200000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tiba=Russian%20oligarch%20rented%20out%20landmark%20NYC%20mansion%20days%20before%20getting%20hit%20by%20US%20sanctions%3A%20sources&fmt=3&is_vtc=1&random=3781426524&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:09 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4113ebc97841fdd4d6079742098c029077897bc029ae5e724a293fc1053a88c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8163e7149db361ed14b7555bca382bdd8f5d1c6ee6d33f9434a83c2f0420cff2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
collector.ex.co/main/
17 B
155 B
XHR
General
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/28b907db-50ab-433d-bf84-4da2d60824bc?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.181.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-181-145.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 16:12:09 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
28b907db-50ab-433d-bf84-4da2d60824bc
mcd-playlist.ex.co/api/v3/playlist/
11 KB
3 KB
Fetch
General
Full URL
https://mcd-playlist.ex.co/api/v3/playlist/28b907db-50ab-433d-bf84-4da2d60824bc?articleUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F&accountId=c6674cb6-d42a-46f3-bfb5-92f412ffde60&recommendMethod=related&id=64a81ee5669cb60012a7e6a9&targetedPlaylist=true
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/28b907db-50ab-433d-bf84-4da2d60824bc?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f7a3afc9a87ae989f240547a43d8764dab6287b450f0cb97f9fa4bd738efa29
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
x-recommendations-last-indexed
2023-09-22T23:51:28.189Z
x-content-type-options
nosniff
date
Fri, 29 Sep 2023 16:12:10 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
2292
x-served-by
cache-fra-eddf8230108-FRA
server
nginx
x-timer
S1696003929.450844,VS0,VE1111
x-recommendations-exist
false
etag
W/"2c90-+VIWmOCb3sX9kTCVa34cRv894Hk"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-recommendations-exist, x-recommendations-method, x-recommendations-last-indexed
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0
i
sac.nypost.com/
43 B
418 B
XHR
General
Full URL
https://sac.nypost.com/i?stm=1696003929463&e=pv&url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&page=Russian%20oligarch%20rented%20out%20landmark%20NYC%20mansion%20days%20before%20getting%20hit%20by%20US%20sanctions%3A%20sources&eid=d79d7203-f248-41db-93db-ea8fb839f844&tv=js-3.8.0&tna=_nyp_nid&aid=ncg-nyp&p=web&cookie=1&cs=UTF-8&lang=en-US&res=1600x1200&cd=24&tz=Europe%2FBerlin&dtm=1696003929460&vp=1600x1200&ds=1600x8082&vid=1&sid=eec9ad98-1c78-4374-a055-602b3f19c6ef&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiI5ZTVmNGUxMy03YTZjLTRhODgtOTNjNS03MWI1YTAxMjA4ODkifX1dfQ
Requested by
Host: nid.nypost.com
URL: https://nid.nypost.com/prod/sp/nid_sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.220.19 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.220.110.34.bc.googleusercontent.com
Software
akka-http/10.2.7 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:08 GMT
via
1.1 google
server
akka-http/10.2.7
content-type
image/gif
access-control-allow-origin
https://nypost.com
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
sprite.svg
static-cdn.spot.im/production/icons/sprites/
24 KB
10 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
pTYPLm0WXSUOn4wsgJLXLuv5LYGbB.2s
content-encoding
br
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 05:11:38 GMT
x-amz-cf-pop
FRA56-P6
age
39632
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 24 May 2023 11:40:02 GMT
server
AmazonS3
etag
W/"2a4e43326a158b47d0598571fd4099b6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-cf-id
iMirqFKzSz84ymj6P6VkLn5g9yPFrDJmYwfhdcnfmNUVPk41-YNAxg==
device-load
api-2-0.spot.im/v1.0.0/
36 B
1 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
5bdab34047746aa7d1f317d2a47cc795d7207c3b14933fd5d76bae623634af6c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:09 GMT
via
1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
content-length
36
x-guid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
AQwoyzhnHe3GRvAIwaNH_sqQxURCExd0cXs4IHjchsMoK_7ENxfcTw==
anchor
www.google.com/recaptcha/api2/ Frame E93A
51 KB
28 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=a4ka4p94ofyk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dfe1a8e26b2006da1bbc11ec4650f2f531960cb07cc54c6c370a4190c1fb2608
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9A6uCqKEjGYYgcx_SmABTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9A6uCqKEjGYYgcx_SmABTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 16:12:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/
956 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d799b8d6ab02987525e8b6762b44750c198a6f6a3f9e7753473ddef8094c83e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
629e69a1ebd80db4269ad660c8e7c91aa12591
rebelhen.com/0/c961b1a567c1b0/
288 B
315 B
Fetch
General
Full URL
https://rebelhen.com/0/c961b1a567c1b0/629e69a1ebd80db4269ad660c8e7c91aa12591
Requested by
Host: rebelhen.com
URL: https://rebelhen.com/v2csnUsFoH1XR1oW51-C6NQBdGmIS6hRimi-eyRebi0VRmqDrwM_hCHQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
a900ba6c4d5bd7d1cebe46aa1421a8812904060fc9f62f41420bcd7bd4b2e684
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 29 Sep 2023 16:12:09 GMT
via
1.1 google
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
x-hostname
fen-hoothoot-europe-west1-spot-091r
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 29 Sep 2023 16:12:08 GMT
28903831
api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/
141 B
1 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/28903831
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
34083d38321ab24de28bae2d4fa8083e9a147a44e10d0f7b2921c7d72a2dbaab
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
x-spotim-page-view-id
6198326e-04fd-449f-9ad6-65ceed664b52
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Sep 2023 16:12:09 GMT
via
1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
content-length
141
x-request-id
f1462230-5ee2-11ee-9fad-2e652f0f3976
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
QyGspxCHX3S4peJUC4uJwCGSEYSgPqZw2MxjOHUGmcWP4Y-zvkKcPg==
28903831
api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_Sx8YukwE/28903831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Fri, 29 Sep 2023 16:12:09 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
x-amz-cf-id
8CSZNcvMiZyV2Xlp9o3QvuPNQJzf2hVTnCUm8XFn4UewdpF3AHJ1ww==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
43dc2f8493a8cb7b784754912a353985489f2a0b585f1379c5da
rebelhen.com/
3 KB
942 B
Fetch
General
Full URL
https://rebelhen.com/43dc2f8493a8cb7b784754912a353985489f2a0b585f1379c5da
Requested by
Host: rebelhen.com
URL: https://rebelhen.com/v2csnUsFoH1XR1oW51-C6NQBdGmIS6hRimi-eyRebi0VRmqDrwM_hCHQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
f9d97d0a58afe2fa3caf17f94611826ef4b3c9cc88beef6c7fa916f0949467ed
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Fri, 29 Sep 2023 16:12:09 GMT
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
916
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
x-hostname
fen-hoothoot-europe-west1-spot-091r
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
styles__ltr.css
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/ Frame E93A
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=a4ka4p94ofyk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 13:14:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 04:03:44 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Sep 2024 13:14:12 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/ Frame E93A
458 KB
183 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=a4ka4p94ofyk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b32785db8941f4503dfeb24b076e81c895483ae097c2354e058101d5282cae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 13:14:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187176
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 04:03:44 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Sep 2024 13:14:11 GMT
ads.js
static-cdn.spot.im/production/ads/tags/v22.5.0/ads/
213 KB
65 KB
Script
General
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.5.0/ads/ads.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/891-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa147177214c6abaf4f71ecf914f3f15cf7dc924432d01023a6a19fc54ee9eed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
evIbWvSG4ztIu2RlrgKikM_z9a3nEGr7
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 06:59:23 GMT
last-modified
Tue, 19 Sep 2023 07:59:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
33167
x-amz-server-side-encryption
AES256
etag
W/"2a60f4343ac3bb4a8ed3bc4f5dbbb8b1"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
raJo0vyooLjb3R_uteAVGApF43Ihtlt-jfXCTW5V1xtXHKunspWK-w==
ads.css
static-cdn.spot.im/production/ads/tags/v22.5.0/ads/
7 KB
2 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.5.0/ads/ads.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7952eaa38ac914b05f3aae43d16dd68f18c72a482c59374589ba03b0afd77a3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
M9XFdtL08Wrva9_0TTjrx4gYOGu.24eA
content-encoding
br
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 03:10:32 GMT
x-amz-cf-pop
FRA56-P6
age
46898
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 19 Sep 2023 07:59:07 GMT
server
AmazonS3
etag
W/"72cf60fc60d0f93155b86466def62d44"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
s4GtdeMxZ1JclWD9o-ZP5uEleSPgn-dK2wBD30jPQ50D_P9byGKTKw==
sp_Sx8YukwE
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/
25 B
780 B
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_Sx8YukwE
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26

Request headers

Accept
application/json
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
x-spotim-page-view-id
6198326e-04fd-449f-9ad6-65ceed664b52
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Sep 2023 16:02:49 GMT
via
1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
561
x-cache
Hit from cloudfront
content-length
25
x-request-id
a34c5bc3-5ee1-11ee-96bd-c6cf2c4c0358
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
wrRJ7eauCRhw_bvnjqikrXrYEGG1qw62ee9usPMNqqeHovFNGXwStg==
authenticate
api-2-0.spot.im/v1.0.0/
347 B
3 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/shell-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
52d64ac0b3a8d9ec1681de0786d3dd06ef7b5d8cf245d77ec97411d72bcdfa86
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spot-id
sp_Sx8YukwE
x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
x-post-id
28903831
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Sep 2023 16:12:10 GMT
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
content-length
347
x-spotim-token
01230929ob582R.330bfd37e7b98478dd811a757cf03f777b72a6527222f2d73218bc219fc5c036
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfcEk2cFBucksxeW8zIiwiZGlzcGxheV9uYW1lIjoiQ3lhblBpbiIsInVzZXJfbmFtZSI6IkN5YW5QaW4iLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjQ3lhbi1QaW4iLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjk2MDAzOTMwLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTI5b2I1ODJSLjMzMGJmZDM3ZTdiOTg0NzhkZDgxMWE3NTdjZjAzZjc3N2I3MmE2NTI3MjIyZjJkNzMyMThiYzIxOWZjNWMwMzYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOUx3T01JZHo3Z3ozRDBrYXZwTDIiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzI0NDI1OTMwLCJzdWIiOiJ1X3BJNnBQbnJLMXlvMyJ9.uvJSnqLNyWQjz6-72a5hNTFUVPjJYY8xN1NHDb3yaPs
x-request-id
f17a58cd-5ee2-11ee-bad7-66bae18c4d7e
x-guid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
server
fasthttp
x-spotim-device-v2
d_9LwOMIdz7gz3D0kavpL2
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
mBlbgICmHGe8j-tDJ4_Gcblkvo3RxdJdS3OKZ9O6IVFRjZP7yFYoUA==
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/
28 KB
4 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/v2
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.5.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
51891be505532105e0fb1145eef010298a09076dca074818c22bec7a0cde55bd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-guid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
x-post-id
28903831
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
6198326e-04fd-449f-9ad6-65ceed664b52
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
x-access-token
null

Response headers

date
Fri, 29 Sep 2023 16:12:10 GMT
content-encoding
gzip
via
1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-request-id
f17a6afc-5ee2-11ee-8635-2a17bb3ba4e8
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
x-amz-cf-id
635Xa4ZtJWbc4OZ8A0EI_Eq342p_7xAjW66rmNdDx6TM_Rqd05RCKw==
sp_Sx8YukwE
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Fri, 29 Sep 2023 16:12:10 GMT
server
fasthttp
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
x-amz-cf-id
E6hPFunUodu0pb-8guPRP-2XzFKgd0us2RK6f8rPentWxw5TxMKqdA==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
authenticate
api-2-0.spot.im/v1.0.0/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-post-id,x-spot-id,x-spotim-device-uuid
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Fri, 29 Sep 2023 16:12:10 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
x-amz-cf-id
-YBvkn-juXHWtwcWTpy0d41HGejk5T2Q6J89Ol7iBksv3zivpI43vQ==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_Sx8YukwE/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Fri, 29 Sep 2023 16:12:10 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
x-amz-cf-id
xhOnLZoWHyaCrBSwuhYqTWCyJ6nde6mLGNyeqexRMo8nrs_ek_cLXg==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
918-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/
136 KB
35 KB
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/918-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aed2024c0b547dfcf4693718aa6b73058c09bbc2ffb4608033cb1c5cffd2ac19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 11:44:59 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
aqhpNH65SWVTs_goAlwP.LMV23CyMnUH
x-amz-cf-pop
FRA56-P6
age
1916832
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
34868
last-modified
Thu, 07 Sep 2023 11:16:14 GMT
server
AmazonS3
etag
"5c219744e2d287fb0baa92c1288d9cb9"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
BCL4qfm9ewzi8313Ly63g46HdDhxw0hSBURZSDTUBA2B6rj_ayTRZQ==
with-all-vendors-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/
393 B
695 B
Script
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/with-all-vendors-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_Sx8YukwE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8365b122b9687e93abba4b7c0e296b244a803044a5c02c3618be1cbb489b3d31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 11:44:59 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
NtujaiblLC2Yx1Plw3cH1Eq5_jj8T3MB
x-amz-cf-pop
FRA56-P6
age
1916832
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
218
last-modified
Thu, 07 Sep 2023 11:16:14 GMT
server
AmazonS3
etag
"9eeb9df073fd3a68df33c4f1d4a24d85"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ZcLoLi6uf4DpkZXM98gqCRXH6EbJSaPn095W0PlWm73ST4BTRBH30Q==
notifications-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/
9 KB
3 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/notifications-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/891-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7446608f783007b998f8bcf178c044468516c3c5b178a87c40378218ccefccd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
32hS.RBMYjRJOhJIkplNDK6gFFgCDEu6
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 03:26:23 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
45948
x-amz-server-side-encryption
AES256
etag
W/"5ed2b7717eecaf3c14602f5dc04ecb95"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
oOF_Ei9iuly1IBzUhumD5-FDf1V1KT27-nLSpu2wLAe7lM0gkv09zA==
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E93A
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/pxZcVU8Dk73FyvFvdCgp2MSG/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 07:44:15 GMT
x-content-type-options
nosniff
age
376075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 02 Oct 2023 07:44:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E93A
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=a4ka4p94ofyk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 06:47:09 GMT
x-content-type-options
nosniff
age
552301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 06:47:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E93A
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=a4ka4p94ofyk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 17:41:40 GMT
x-content-type-options
nosniff
age
253830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Sep 2024 17:41:40 GMT
src_next_index_tsx-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/
4 KB
1 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/src_next_index_tsx-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/notifications/tags/v1.23.1/notifications-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bcede6c5d5aecc628e38729f2e1d81cd40d8512f71cdff84a1a0305d8402422

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
bY774YUmW8n66LnNOzGqrd8DooB2kC._
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 00:49:42 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
55350
x-amz-server-side-encryption
AES256
etag
W/"111210e416d2b6b3a5edb5d643e9ca52"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
8ti1iSAVc7WyfFtHOKquZLibObtZ38JZbLMepq-9WoLXfTBwVGk2rQ==
webworker.js
www.google.com/recaptcha/api2/ Frame E93A
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=a4ka4p94ofyk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5bd3fcac620ef1b86850c77ac1fc5fcc02fe744cc5ac5f999421cf03f4127a75
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Leg3vIiAAAAAByX7xhKbJS8ZzblWErZEWeeILD1&co=aHR0cHM6Ly9ueXBvc3QuY29tOjQ0Mw..&hl=en&v=pxZcVU8Dk73FyvFvdCgp2MSG&size=invisible&cb=a4ka4p94ofyk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 29 Sep 2023 16:12:10 GMT
vendors-node_modules_spotim_common-components_dist_index_js-node_modules_spotim_topics_dist_t-5d9d60-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/
268 KB
74 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/vendors-node_modules_spotim_common-components_dist_index_js-node_modules_spotim_topics_dist_t-5d9d60-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/notifications/tags/v1.23.1/notifications-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cd17af00b58e83bcf70fa97448e21bc6def92af0c00dfa7349aeb3200c40b8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
0bzDV2sV_STMMrRM496SmRZW_NGJvE71
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 05:23:34 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
38917
x-amz-server-side-encryption
AES256
etag
W/"65b6fded5f4ad8a82780bdb8f6a581a9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
xCg4oBo0uWph2GcGxJHDYoiA_2Eto1suC-wZljXkHVWPXg0a3SfQnQ==
src_components_NotificationItem_NotificationDescription_NotificationDescription_tsx-src_compo-c938d2-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/
67 KB
16 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/src_components_NotificationItem_NotificationDescription_NotificationDescription_tsx-src_compo-c938d2-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/notifications/tags/v1.23.1/notifications-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61cfed754c3b86c633e0e69daef2962f40f426d4fe8bda08164fd7ab608f0e0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
rAZ0xk39cnV7PZLcLnnzHbwBbdgEvTt7
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 06:45:06 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
34025
x-amz-server-side-encryption
AES256
etag
W/"5f391ab0d2d171dead272dafdae8a422"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
l_81bmcUcvIexPXjLihcob7-4W-43A9K8qH38L0ZvxiS6Y0TSFU4Dw==
src_next_features_BootStickyNotifications_index_tsx-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/
15 KB
5 KB
Script
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/src_next_features_BootStickyNotifications_index_tsx-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/notifications/tags/v1.23.1/notifications-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
785d2a3b79de241b223b69b3c0f95804da264cdf50c0074d0566e89bf11dfde7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
hDrcsWlaXjkDR40VRzuVHy7k_TIYQoII
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 00:54:35 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
55055
x-amz-server-side-encryption
AES256
etag
W/"21317135d3f4011c632887268f914c9d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
7NA6jPCvooxYIOxGVth6f-r9qg493HcUPtE880Pz8DoXzncuO49BDA==
styles.css
static-cdn.spot.im/production/notifications/tags/v1.23.1/
236 KB
17 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/styles.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4d13db2de7ca2cfbdb0898a8d4f2b681438d63b6d037ab050ef3599773056f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
RW0xnZVefRKltbgJ8C0qyOyTyPYl0n_4
content-encoding
br
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 03:32:55 GMT
x-amz-cf-pop
FRA56-P6
age
45556
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
etag
W/"2801fd94aff85ac1d89a06bbb56ed91e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
STKd1P-5v8lwCs70J87UER5kOpJ0ozyU-tob0pA6As88-g_tNX8btw==
conversation-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.84.8/
48 KB
15 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.84.8/conversation-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/891-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b011287ef7279aea91e4d1c33a9636e1ddd80951c493859b00a43150e5ca95b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:05:37 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
PnH0LQ4WJjH0bU4078BXvaOGhFFb6XI1
x-amz-cf-pop
FRA56-P6
age
1303594
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14716
last-modified
Thu, 14 Sep 2023 14:02:35 GMT
server
AmazonS3
etag
"b61347acb718bafabe34ceb4467842f2"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
04O1Qect4YhtmjbZC81_Lg7842babFe7IxRrbQQonTVwaCBjC2bp5Q==
reactions-bundle.js
static-cdn.spot.im/production/reactions/tags/v4.3.2/
10 KB
4 KB
Script
General
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.3.2/reactions-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/891-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2584054d5b357bc1438d0f79e78154074c3c154f147fdac82c39b1a42a06820

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
lm_5S4AS4qgGxMmYDAdWmUVnYqBWRJWZ
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 04:01:42 GMT
last-modified
Thu, 03 Aug 2023 12:07:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
43829
x-amz-server-side-encryption
AES256
etag
W/"682318df74d468b4fd8ef8a25e3f6444"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
B1m3fvJjOEm8Z3kxcvDC0b7mNw_p_I-44khh8Kcwz5fEpiC5ywgBBw==
ec24cb303220fcfc94f8.svg
static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/
3 KB
1018 B
Image
General
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/ec24cb303220fcfc94f8.svg
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 11:45:22 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
gZ6wuLIA6wBLFVotGsW9ITf1HqKgc2D8
x-amz-cf-pop
FRA56-P6
age
1916809
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
549
last-modified
Thu, 07 Sep 2023 11:16:14 GMT
server
AmazonS3
etag
"2fb4c511e325b1064ff9babf599fbcee"
vary
Origin
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6J_e4Rj1hsLEocq5ho0N2H3uYWouPcw4qQcbsKRmmWZBaIu_zNn4HA==
ad-choises.png
publisher-assets.spot.im/yad/
4 KB
5 KB
Image
General
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-10.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:00:43 GMT
via
1.1 3bdef981159de9c713020c64476ba0e4.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
688
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4550
x-amz-cf-id
G5PCJVuhAnZ7edy2vL-AwgVNz3KQFr3Gq9_1HNT5SIa2ORA9jovy_w==
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 2057
15 KB
6 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.5.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:fa00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c67b2c5a246898ee41fbb13a7aa993bd4f1f446248e10afdc609a3d2462ceacb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 15:46:02 GMT
x-amz-version-id
MT6ZEnD98Ib1PnGaCRhMhAAdaPK33tDZ
content-encoding
br
last-modified
Thu, 14 Sep 2023 09:38:00 GMT
server
AmazonS3
via
1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"30a1d10e64cddb8e92a6c2a24a8de6a6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
1569
x-amz-cf-id
t46_7cRF8VXWJL0PVs5IYh2sB7-LdjB0ET9r4Zrda2Vgu_uOa9F0Og==
hb_270443_10247.js
player.spotim.market/prebidlink/471112/ Frame 2057
918 B
785 B
Script
General
Full URL
https://player.spotim.market/prebidlink/471112/hb_270443_10247.js
Requested by
Host: info.illicitedge.com
URL: https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60Yx3k2fpQlnW2nJ6c27j9HB1VSb-0m7WyRWRN4tJ1zWQc20XW8G2h7Z7gLqtxMP3ztpdCFwSW1Pg6Jt3WTbzFVchWRF7D7gTpVrQgxc8r9cJNW4RktRF12RgfHW4L9JkQ8kdnpvV8RCxC43zJy0N7YxH9bxZ73LV8TJMH3yJK13N1gJRcVHr4ZrW3m5g1G4xKJSHW5_HW6V7m6CnGVn62sM2cjLq2W7mjtQb2twjPTW1JwKYB3HNdD4W32KjyW6wfw9kW6BTjq52zmKnrW8062Tx7H0mK5W3tzgWH11j5rNW3Dvdnf7D6crtW4VYqky4P94_GVxdzbS4pTqd2W3WhC_83Nz5CLW80CsTZ7qN92XW7HHFxm8fT9XYf9l_1KC04
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
555cd03ff6898614166494825516fbaf15aadfb16f88611778b580257d120a24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 16:12:10 GMT
date
Fri, 29 Sep 2023 16:12:10 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 15:01:46 GMT
server
nginx
etag
W/"6515955a-396"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2057
99 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: info.illicitedge.com
URL: https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60Yx3k2fpQlnW2nJ6c27j9HB1VSb-0m7WyRWRN4tJ1zWQc20XW8G2h7Z7gLqtxMP3ztpdCFwSW1Pg6Jt3WTbzFVchWRF7D7gTpVrQgxc8r9cJNW4RktRF12RgfHW4L9JkQ8kdnpvV8RCxC43zJy0N7YxH9bxZ73LV8TJMH3yJK13N1gJRcVHr4ZrW3m5g1G4xKJSHW5_HW6V7m6CnGVn62sM2cjLq2W7mjtQb2twjPTW1JwKYB3HNdD4W32KjyW6wfw9kW6BTjq52zmKnrW8062Tx7H0mK5W3tzgWH11j5rNW3Dvdnf7D6crtW4VYqky4P94_GVxdzbS4pTqd2W3WhC_83Nz5CLW80CsTZ7qN92XW7HHFxm8fT9XYf9l_1KC04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c15f28756313e50427733ebbc02860ac2e96e0fb5ee6ebdcfbd55c8e8cfd3e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29669
x-xss-protection
0
server
cafe
etag
18 / 19629 / m202309210101 / config-hash: 6693637385863441016
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 16:12:10 GMT
wrapper_hb_270443_10247.js
player.spotim.market/prebidlink/471112/ Frame 2057
2 KB
1 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/471112/wrapper_hb_270443_10247.js
Requested by
Host: info.illicitedge.com
URL: https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60Yx3k2fpQlnW2nJ6c27j9HB1VSb-0m7WyRWRN4tJ1zWQc20XW8G2h7Z7gLqtxMP3ztpdCFwSW1Pg6Jt3WTbzFVchWRF7D7gTpVrQgxc8r9cJNW4RktRF12RgfHW4L9JkQ8kdnpvV8RCxC43zJy0N7YxH9bxZ73LV8TJMH3yJK13N1gJRcVHr4ZrW3m5g1G4xKJSHW5_HW6V7m6CnGVn62sM2cjLq2W7mjtQb2twjPTW1JwKYB3HNdD4W32KjyW6wfw9kW6BTjq52zmKnrW8062Tx7H0mK5W3tzgWH11j5rNW3Dvdnf7D6crtW4VYqky4P94_GVxdzbS4pTqd2W3WhC_83Nz5CLW80CsTZ7qN92XW7HHFxm8fT9XYf9l_1KC04
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
808b9d4b153f7de407f828ce0fff1eedae8107f030d49eab4b511e1453b17402

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 16:12:10 GMT
date
Fri, 29 Sep 2023 16:12:10 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 15:01:46 GMT
server
nginx
etag
W/"6515955a-869"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
vendors-node_modules_babel_runtime_regenerator_index_js-node_modules_spotim_ui-components_dis-cb2aa4.js
static-cdn.spot.im/production/reactions/tags/v4.3.2/
154 KB
47 KB
Script
General
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.3.2/vendors-node_modules_babel_runtime_regenerator_index_js-node_modules_spotim_ui-components_dis-cb2aa4.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/reactions/tags/v4.3.2/reactions-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ddfdbe820acf73e9b01c2a6f912ecd7de131d9e9e82efd748d61b2b84beab42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
kXkAD7WI_KhRKggQQtPmbfQsuJigUZEq
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 03:48:22 GMT
last-modified
Thu, 03 Aug 2023 12:07:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
44631
x-amz-server-side-encryption
AES256
etag
W/"71ba81daf748daa9747095c40fc4427a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
sDvD9kH4wL7lGVEyVwFFAAV6-Z6VKihWFGIkhj_h1gexsv2bZCiXnA==
src_components_App_App_tsx-src_i18n_ts-src_state_store_ts-src_utils_getConfig_ts-src_utils_sc-9878f5.js
static-cdn.spot.im/production/reactions/tags/v4.3.2/
39 KB
11 KB
Script
General
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.3.2/src_components_App_App_tsx-src_i18n_ts-src_state_store_ts-src_utils_getConfig_ts-src_utils_sc-9878f5.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/reactions/tags/v4.3.2/reactions-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f56473141577d2b87c23d340192177edda4e2e5860257152f9814e143d5d82d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
q8H4LZJyUHqCpyalr7d_mhZuWOST9k1W
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 03:04:29 GMT
last-modified
Thu, 03 Aug 2023 12:07:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
47262
x-amz-server-side-encryption
AES256
etag
W/"c5a7b5f86eb37e099a7abe0380cdd3ec"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
Vi-vR2ByoOO9BXW_wcRK-C9qVCrWvLPiqe_vI4rJPQ8MKWZuRB6Atw==
src_boot-next_tsx.js
static-cdn.spot.im/production/reactions/tags/v4.3.2/
2 KB
1 KB
Script
General
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.3.2/src_boot-next_tsx.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/reactions/tags/v4.3.2/reactions-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66499ddf1a34f67f53c5a31abc9e866f7c54a64a8cda4199a9d6bd1f2b1df51d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
Uk.cMvJ_B7AXEnAtDTPje7XRBkqyxRDq
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 06:40:18 GMT
last-modified
Thu, 03 Aug 2023 12:07:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
34313
x-amz-server-side-encryption
AES256
etag
W/"57882e2cb0d213687f49299dda3fdc64"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
c_wlesm5E-4vwoRgmvvMqEeLbDKpG8ZkX-kIzs5OCUP9pXBPXOtQ_g==
styles.css
static-cdn.spot.im/production/reactions/tags/v4.3.2/
114 KB
11 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.3.2/styles.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95dbebd05e181e670882efc87e7acdb11e09db4d3d4d95b518ef755af3df045c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
5URzTAVLeMNBoDZi_wii99xAHqDPxvrw
content-encoding
br
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 03:59:26 GMT
x-amz-cf-pop
FRA56-P6
age
43965
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 03 Aug 2023 12:07:35 GMT
server
AmazonS3
etag
W/"d60cfad710385484bd8c9600621cedbc"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
7xndAVkmP1_LhyJncJtZi3wQ2s__TRw5Ej-XCfMbPRGBTfeP7NE4zQ==
pixels
pix.spot.im/api/v1/
0
230 B
Ping
General
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-111.cdg50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 29 Sep 2023 16:12:10 GMT
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
e8EqKYTMIgDoVGaXZKkgnAWipENxIezdILB6JJLgojGIHeM3bGedTg==
styles-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.84.8/
37 KB
6 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.84.8/styles-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.84.8/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f449541930dc8900ab0217a894713d3ec86f5b3383663b3f618a939963c6ae1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:05:39 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
KrgtPachWZUwgDHyLbpbL2idAxKrDQgh
x-amz-cf-pop
FRA56-P6
age
1303592
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
5647
last-modified
Thu, 14 Sep 2023 14:02:35 GMT
server
AmazonS3
etag
"98f80de8d695445b6816476378d56810"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DqEkQHpg21EpU0cP6ZbsmOJ0ELIUIXzJbHFbiyekoxfadzaLaKU56g==
vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-2fa6b8-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.84.8/
390 KB
99 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.84.8/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-2fa6b8-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.84.8/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2b932f629c676a2dcacb9f189d8506004aae6ff09167b109ed6bf6d56cf4d89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:05:39 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
f47aLJvvcgzCJmAiwSTVzIzENYuAEj27
x-amz-cf-pop
FRA56-P6
age
1303592
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
100640
last-modified
Thu, 14 Sep 2023 14:02:35 GMT
server
AmazonS3
etag
"5a818ab443aebe040b9d30238c85b81b"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
8k1i5MzeEZrMoe_nuuVC7tQYhH5PV6G5mLAIx84iqrpuWzUuPUUlhQ==
app_conversation_components_Main_tsx-app_conversation_services_legacy_helpers_browser-detect_ts-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.84.8/
139 KB
37 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.84.8/app_conversation_components_Main_tsx-app_conversation_services_legacy_helpers_browser-detect_ts-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.84.8/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e6fc5d83f5b9f3885aca956fc4ea1198e0c42eb9ddb86a8edeceee89a839f55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:05:39 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
QkfwG3k4q4yxOp7CjT622IklOdM4bgjq
x-amz-cf-pop
FRA56-P6
age
1303592
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
37710
last-modified
Thu, 14 Sep 2023 14:02:34 GMT
server
AmazonS3
etag
"9d58881fa275b95efb096b26dc4150a5"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xZ_KPYXwkhMVMXaA0PedZdoR-uiIhjfLc9DS8cfsi5kxuqol2pIRCw==
app_conversation_i18n_ts-app_conversation_initialize-store_ts-app_conversation_services_legac-f5b848-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.84.8/
38 KB
12 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.84.8/app_conversation_i18n_ts-app_conversation_initialize-store_ts-app_conversation_services_legac-f5b848-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.84.8/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff992f86e73074f88c82d1efc285ec8d1c3189925541f23d94b6cb5420d63e5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:05:39 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
gFJ__ZlKa13RPpbOAUnldIXJOSm3wTYw
x-amz-cf-pop
FRA56-P6
age
1303592
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
11629
last-modified
Thu, 14 Sep 2023 14:02:34 GMT
server
AmazonS3
etag
"a5156fb0594750458d4df621594ca8bd"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
caWoYza9mmB7LZdEdOWJWQHY8F5olbh221RXA8zU9U1CqOFfHg0H-Q==
conversation-boot-next-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.84.8/
9 KB
4 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.84.8/conversation-boot-next-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.84.8/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98d8c1199a6b9cc2704321101b789ac19ff203961d9ff1668ee04d4d9224d9c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:05:40 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
dFjXiA.tqe.PIQBFY9DK5mCR1uV4WLXn
x-amz-cf-pop
FRA56-P6
age
1303591
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3175
last-modified
Thu, 14 Sep 2023 14:02:35 GMT
server
AmazonS3
etag
"cc08ae41786766b182331369f9be0d27"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
7SdGvCU9VOLdRoDBobDbwOet1DQhP5SDFp66mdDZNW88egLecZ4J3Q==
styles.css
static-cdn.spot.im/production/conversation/tags/v3.84.8/
667 KB
39 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.84.8/styles.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a81c3dc7fb18f31d65764a0a84a91bb66d3566ae5795aa1e094f709ada5de69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:05:38 GMT
content-encoding
br
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
x-amz-version-id
KLimKOA.RzGNxCuMxqu0fJZllHUFw4G4
x-amz-cf-pop
FRA56-P6
age
1303593
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
39019
last-modified
Thu, 14 Sep 2023 14:02:35 GMT
server
AmazonS3
etag
"f6a67a2a29029f6872c3133b7b5d6fc7"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
TfpYOWLw2izkagR5HTAnbd-WHZlgbwBIUFjMeBRkvH9onCJkO1IU1Q==
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame E5B6
15 KB
6 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.5.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:fa00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c67b2c5a246898ee41fbb13a7aa993bd4f1f446248e10afdc609a3d2462ceacb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 15:46:02 GMT
x-amz-version-id
MT6ZEnD98Ib1PnGaCRhMhAAdaPK33tDZ
content-encoding
br
last-modified
Thu, 14 Sep 2023 09:38:00 GMT
server
AmazonS3
via
1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"30a1d10e64cddb8e92a6c2a24a8de6a6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
1569
x-amz-cf-id
T6_Sedpazm5jbpw48-cFy1yHkY2aDKdghMLkPmQm8WQg33aZ6fShow==
hb_270443_10247.js
player.spotim.market/prebidlink/471112/ Frame E5B6
918 B
784 B
Script
General
Full URL
https://player.spotim.market/prebidlink/471112/hb_270443_10247.js
Requested by
Host: info.illicitedge.com
URL: https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60Yx3k2fpQlnW2nJ6c27j9HB1VSb-0m7WyRWRN4tJ1zWQc20XW8G2h7Z7gLqtxMP3ztpdCFwSW1Pg6Jt3WTbzFVchWRF7D7gTpVrQgxc8r9cJNW4RktRF12RgfHW4L9JkQ8kdnpvV8RCxC43zJy0N7YxH9bxZ73LV8TJMH3yJK13N1gJRcVHr4ZrW3m5g1G4xKJSHW5_HW6V7m6CnGVn62sM2cjLq2W7mjtQb2twjPTW1JwKYB3HNdD4W32KjyW6wfw9kW6BTjq52zmKnrW8062Tx7H0mK5W3tzgWH11j5rNW3Dvdnf7D6crtW4VYqky4P94_GVxdzbS4pTqd2W3WhC_83Nz5CLW80CsTZ7qN92XW7HHFxm8fT9XYf9l_1KC04
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
555cd03ff6898614166494825516fbaf15aadfb16f88611778b580257d120a24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 16:12:10 GMT
date
Fri, 29 Sep 2023 16:12:10 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 15:01:46 GMT
server
nginx
etag
W/"6515955a-396"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E5B6
99 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: info.illicitedge.com
URL: https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60Yx3k2fpQlnW2nJ6c27j9HB1VSb-0m7WyRWRN4tJ1zWQc20XW8G2h7Z7gLqtxMP3ztpdCFwSW1Pg6Jt3WTbzFVchWRF7D7gTpVrQgxc8r9cJNW4RktRF12RgfHW4L9JkQ8kdnpvV8RCxC43zJy0N7YxH9bxZ73LV8TJMH3yJK13N1gJRcVHr4ZrW3m5g1G4xKJSHW5_HW6V7m6CnGVn62sM2cjLq2W7mjtQb2twjPTW1JwKYB3HNdD4W32KjyW6wfw9kW6BTjq52zmKnrW8062Tx7H0mK5W3tzgWH11j5rNW3Dvdnf7D6crtW4VYqky4P94_GVxdzbS4pTqd2W3WhC_83Nz5CLW80CsTZ7qN92XW7HHFxm8fT9XYf9l_1KC04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
581350c52977fc73b35adfe430481ba2f100ed9177c6d3d2256243f52e0a5c16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29746
x-xss-protection
0
server
cafe
etag
509 / 19629 / 31078189 / config-hash: 6693637385863441016
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 16:12:10 GMT
wrapper_hb_270443_10247.js
player.spotim.market/prebidlink/471112/ Frame E5B6
2 KB
1 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/471112/wrapper_hb_270443_10247.js
Requested by
Host: info.illicitedge.com
URL: https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60Yx3k2fpQlnW2nJ6c27j9HB1VSb-0m7WyRWRN4tJ1zWQc20XW8G2h7Z7gLqtxMP3ztpdCFwSW1Pg6Jt3WTbzFVchWRF7D7gTpVrQgxc8r9cJNW4RktRF12RgfHW4L9JkQ8kdnpvV8RCxC43zJy0N7YxH9bxZ73LV8TJMH3yJK13N1gJRcVHr4ZrW3m5g1G4xKJSHW5_HW6V7m6CnGVn62sM2cjLq2W7mjtQb2twjPTW1JwKYB3HNdD4W32KjyW6wfw9kW6BTjq52zmKnrW8062Tx7H0mK5W3tzgWH11j5rNW3Dvdnf7D6crtW4VYqky4P94_GVxdzbS4pTqd2W3WhC_83Nz5CLW80CsTZ7qN92XW7HHFxm8fT9XYf9l_1KC04
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
808b9d4b153f7de407f828ce0fff1eedae8107f030d49eab4b511e1453b17402

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 16:12:10 GMT
date
Fri, 29 Sep 2023 16:12:10 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 15:01:46 GMT
server
nginx
etag
W/"6515955a-869"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
player.js
player.aniview.com/script/6.1/
39 KB
14 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.5.0/ads/ads.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:9b8::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c46f47251a8cedcc92264f0ba3ab8eb34f512b76d477e402cbe79a4472b06ee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:10 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsekPW3g9Z9jClm8bZvBlteRY_W9T6aPVr5zAIqXk2pOE66_PasaDVUxEwjH-K-y-2Xv-M5dAWuXX3DSBFGVwbpZHI4lAdb
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
13568
last-modified
Tue, 26 Sep 2023 11:41:22 GMT
server
UploadServer
etag
"7b0373cff2baf92a25e88f8fc9dd2cef"
vary
Accept-Encoding
x-goog-generation
1695728482251882
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=wq7hdQ==, md5=ewNzz/K6+Sol6I+Pyd0s7w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
13568
accept-ranges
bytes
expires
Fri, 29 Sep 2023 16:22:10 GMT
track
track1.aniview.com/
0
97 B
Image
General
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=629f4747b6739425b779f627&e=playerLoaded&cb=1696003930549&r=https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.219.93.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-93-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
read
api-2-0.spot.im/v1.0.0/conversation/realtime/
59 B
891 B
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
58e3464db0990e0889c901510ef5cbfc7328050ffd0837138e9cb0c61530845a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
x-post-id
28903831
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
6198326e-04fd-449f-9ad6-65ceed664b52
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfcEk2cFBucksxeW8zIiwiZGlzcGxheV9uYW1lIjoiQ3lhblBpbiIsInVzZXJfbmFtZSI6IkN5YW5QaW4iLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjQ3lhbi1QaW4iLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjk2MDAzOTMwLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTI5b2I1ODJSLjMzMGJmZDM3ZTdiOTg0NzhkZDgxMWE3NTdjZjAzZjc3N2I3MmE2NTI3MjIyZjJkNzMyMThiYzIxOWZjNWMwMzYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOUx3T01JZHo3Z3ozRDBrYXZwTDIiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzI0NDI1OTMwLCJzdWIiOiJ1X3BJNnBQbnJLMXlvMyJ9.uvJSnqLNyWQjz6-72a5hNTFUVPjJYY8xN1NHDb3yaPs

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
via
1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
content-length
59
x-spotim-token
01230929ob582R.330bfd37e7b98478dd811a757cf03f777b72a6527222f2d73218bc219fc5c036
x-request-id
f1f1d087-5ee2-11ee-9859-56134d16d70e
x-guid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
server
fasthttp
x-spotim-device-v2
d_9LwOMIdz7gz3D0kavpL2
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
x-amz-cf-id
BhhM7YfZuX3FAKlbqbSus5_HQMRivE-f4zrRYn3TvtDyqo9d5JVQ2Q==
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Fri, 29 Sep 2023 16:12:10 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
x-amz-cf-id
xGfTggwSixhrbiZFoeoqu7qrtZFbjw4D2-jqNa0qAZgIryEPS-Z4sw==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
track
track1.aniview.com/
0
98 B
Image
General
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=634e65320022fb473b34ce15&e=playerLoaded&cb=1696003930613&r=https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.219.93.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-93-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 2057
374 KB
122 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:fa00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5854a2500a0a201e00c9f934d676953f91d9c630e6e7bf9e8aee70c8a4322967

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 15:46:01 GMT
x-amz-version-id
CfFhIjdFvlb9O26w2OaJUnqeRW9c7pkq
content-encoding
br
last-modified
Fri, 29 Sep 2023 15:11:02 GMT
server
AmazonS3
via
1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"b250dc0af093ab0f508a81355cd4c985"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1570
x-amz-cf-id
n0iFcbS2Q8Sshmss7aanSIKa9d7zHdAbSC7qvZ67lU3_aVpxN8Flhw==
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame E5B6
374 KB
122 KB
Script
General
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:fa00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5854a2500a0a201e00c9f934d676953f91d9c630e6e7bf9e8aee70c8a4322967

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 15:46:01 GMT
x-amz-version-id
CfFhIjdFvlb9O26w2OaJUnqeRW9c7pkq
content-encoding
br
last-modified
Fri, 29 Sep 2023 15:11:02 GMT
server
AmazonS3
via
1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"b250dc0af093ab0f508a81355cd4c985"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1570
x-amz-cf-id
dxtcDThEZLFPucs5zONbyGCLECX999FT3mJKDGi2tIrg6OYYKMHImQ==
hbp_master_270443_10247.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 2057
469 KB
145 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
70cb36e1705100380461ae92749d1b7838286c8fd15d2773d2232695c4b5d070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 16:12:10 GMT
date
Fri, 29 Sep 2023 16:12:10 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 15:01:46 GMT
server
nginx
etag
W/"6515955a-754af"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
hbw_master_270443_10247.js
player.spotim.market/prebidlink/vVHn6/ Frame 2057
239 KB
48 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
1cae1c37d59e19b1d0e1478225eb6330a3411aa8513507d68fc9c99ffdb29122

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 16:12:10 GMT
date
Fri, 29 Sep 2023 16:12:10 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 15:01:46 GMT
server
nginx
etag
W/"6515955a-3ba68"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
IXBvYOvB-1920.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/4iAMHQk9/poster.jpg?width=1920
  • https://assets-jpcust.jwpsrv.com/thumbnails/IXBvYOvB-1920.jpg
159 KB
159 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/IXBvYOvB-1920.jpg
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8be1a178a674283ec672a2a519eb1fac0a7b8b019d6e2a4d4e12c012ca891c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
350
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
162532
x-served-by
cache-iad-kiad7000177-IAD, cache-fra-eddf8230074-FRA
last-modified
Thu, 21 Sep 2023 13:35:55 GMT
server
nginx
x-timer
S1696003931.189729,VS0,VE89
etag
"d230bb1594830c5d3175bf3be0900045"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
105101, 1

Redirect headers

date
Fri, 29 Sep 2023 16:09:56 GMT
via
1.1 b8d6320dae849a3360537a2233718764.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
MUC50-C1
age
134
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/IXBvYOvB-1920.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Hit from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
5Lrz5-gBVIx8VqZ8_F5tKeTdKqgtPHG4rzDWWLRPje-ijUsFdas6Qw==
player.js
cdn.ex.co/player/ap/3.55.0-d55ac9d/
448 KB
118 KB
Script
General
Full URL
https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/28b907db-50ab-433d-bf84-4da2d60824bc?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
117293b70053c137f012c953143cc66d98caf89dadc5847d7a60360f0a350af3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:10 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
120102
last-modified
Thu, 28 Sep 2023 13:40:39 GMT
server
AmazonS3
etag
"0c11ea0992ba4869d1ce7f4c6ba8657f"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 06 Oct 2023 16:12:10 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/ Frame 2057
409 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:19:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
21169
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132106
x-xss-protection
0
server
cafe
etag
17184539905708832606
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 28 Sep 2024 10:19:21 GMT
beb73a745fe018e176e662d517c660f0463f53c347c86
rebelhen.com/0479c83/
2 B
332 B
Ping
General
Full URL
https://rebelhen.com/0479c83/beb73a745fe018e176e662d517c660f0463f53c347c86
Requested by
Host: rebelhen.com
URL: https://rebelhen.com/v2csnUsFoH1XR1oW51-C6NQBdGmIS6hRimi-eyRebi0VRmqDrwM_hCHQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 29 Sep 2023 16:12:10 GMT
via
1.1 google
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
x-hostname
fen-hoothoot-europe-west1-spot-091r
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 29 Sep 2023 16:12:09 GMT
hbp_master_270443_10247.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame E5B6
469 KB
145 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
70cb36e1705100380461ae92749d1b7838286c8fd15d2773d2232695c4b5d070

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 16:12:11 GMT
date
Fri, 29 Sep 2023 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 15:01:46 GMT
server
nginx
etag
W/"6515955a-754af"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
hbw_master_270443_10247.js
player.spotim.market/prebidlink/vVHn6/ Frame E5B6
239 KB
48 KB
Script
General
Full URL
https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
1cae1c37d59e19b1d0e1478225eb6330a3411aa8513507d68fc9c99ffdb29122

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 16:12:11 GMT
date
Fri, 29 Sep 2023 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 15:01:46 GMT
server
nginx
etag
W/"6515955a-3ba68"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
AVmanager.js
player.aniview.com/script/6.1/ Frame F5AE
435 KB
125 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:9b8::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5d6f2cecf904b1b45caa6561439a7f26cd547a36c611227f71b18b1b37139585

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt53lP7HUtqW5yNxFiVomkVBDxl-LCElBNcaJU96gjIHB2NESJ7DlZbo5876XFf_hp3AxfhGHd8F9ZieN8m2_yYBMMeomrB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
127792
last-modified
Tue, 26 Sep 2023 11:41:22 GMT
server
UploadServer
etag
"60466a992d9c38260ef197ba853db7dd"
vary
Accept-Encoding
x-goog-generation
1695728482137645
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=ikOrMQ==, md5=YEZqmS2cOCYO8Ze6hT233Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
127792
accept-ranges
bytes
expires
Fri, 29 Sep 2023 16:22:11 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 60F9
435 KB
125 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:9b8::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5d6f2cecf904b1b45caa6561439a7f26cd547a36c611227f71b18b1b37139585

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt53lP7HUtqW5yNxFiVomkVBDxl-LCElBNcaJU96gjIHB2NESJ7DlZbo5876XFf_hp3AxfhGHd8F9ZieN8m2_yYBMMeomrB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
127792
last-modified
Tue, 26 Sep 2023 11:41:22 GMT
server
UploadServer
etag
"60466a992d9c38260ef197ba853db7dd"
vary
Accept-Encoding
x-goog-generation
1695728482137645
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=ikOrMQ==, md5=YEZqmS2cOCYO8Ze6hT233Q==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
127792
accept-ranges
bytes
expires
Fri, 29 Sep 2023 16:22:11 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210203/ Frame E5B6
410 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210203/pubads_impl.js?cb=31078189
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6f8385a32456868e5011ef7af0cd073451d45efa2771adc8a6a22374ddcb9d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 10:19:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
21184
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132169
x-xss-protection
0
server
cafe
etag
13153470105769340090
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 28 Sep 2024 10:19:07 GMT
cookie_sync.html
cdn.ex.co/sync/0.0.1-1082b4e/ Frame 3CC4
370 B
608 B
Document
General
Full URL
https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C1328577775&gdpr=0&gdpr_consent=
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6463c8e174a08f3907b434ef8238751148ca234503f341f917ae83306ace82ba

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-max-age
86400
cache-control
must-revalidate, proxy-revalidate, max-age=71240, s-maxage=31536000
content-encoding
gzip
content-length
255
content-type
text/html;charset=utf-8
date
Fri, 29 Sep 2023 16:12:11 GMT
etag
"6c913cf53e2f19bb85cbce59bc48565f"
last-modified
Tue, 26 Sep 2023 18:25:41 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
config.json
player.adtelligent.com/exchange_rates/279896/ Frame 2057
2 KB
1 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fnypost.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
61b02317144b41f42e977342d66662dcc88a5e58590cd55022a693fe79fe439f

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 30 Sep 2023 16:12:11 GMT
date
Fri, 29 Sep 2023 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 12:01:12 GMT
server
nginx
etag
W/"65156b08-84a"
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
max-age=86400
x-proxy-cache
HIT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 2057
255 KB
63 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 15:28:02 GMT
content-encoding
gzip
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 b8d6320dae849a3360537a2233718764.cloudfront.net (CloudFront)
last-modified
Thu, 21 Sep 2023 19:18:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-C1
age
2650
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
GWysLK6X76noAGrcv4Si7rBPyeFPm7AVrc4cs3qhBXVKMmPXmF-fsA==
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 2057
374 KB
122 KB
Script
General
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:fa00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8093a2db3f00b3ba1c209a38f4a80d50d55605caecea0d68582f6d6e6bab1917

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 15:46:02 GMT
x-amz-version-id
n81EFHy3NdnhcK0Uth9FIOtOxNaSzlgK
content-encoding
br
last-modified
Fri, 29 Sep 2023 15:10:41 GMT
server
AmazonS3
via
1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"1bab08d09a6b296f6d670804eaac9f59"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1570
x-amz-cf-id
xW01_jv-qPy-f32fyhHyDFKtjONjdcz32l4NTJDTbCxXToquKviTwA==
async
api-2-0.spot.im/v1.0.0/conversation/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/async
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Fri, 29 Sep 2023 16:12:11 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
x-amz-cf-id
4eIx7EN1CQWrvMh5TN7BjHlm0Yzhc9_3nBufFTDM-hFLe6qndJoqHA==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
NYP%20Site%20Wide
api-2-0.spot.im/v1.0.0/reactions/config/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/config/NYP%20Site%20Wide
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Fri, 29 Sep 2023 16:12:11 GMT
server
fasthttp
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
x-amz-cf-id
WzYmK5AOjsR8c4eRo2Gq1c84Kc3Wez7Qe2z_Jna3F08NT5Eb97t6bQ==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
async
api-2-0.spot.im/v1.0.0/conversation/
3 B
2 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/async
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
x-post-id
28903831
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
6198326e-04fd-449f-9ad6-65ceed664b52
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfcEk2cFBucksxeW8zIiwiZGlzcGxheV9uYW1lIjoiQ3lhblBpbiIsInVzZXJfbmFtZSI6IkN5YW5QaW4iLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjQ3lhbi1QaW4iLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjk2MDAzOTMwLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTI5b2I1ODJSLjMzMGJmZDM3ZTdiOTg0NzhkZDgxMWE3NTdjZjAzZjc3N2I3MmE2NTI3MjIyZjJkNzMyMThiYzIxOWZjNWMwMzYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOUx3T01JZHo3Z3ozRDBrYXZwTDIiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzI0NDI1OTMwLCJzdWIiOiJ1X3BJNnBQbnJLMXlvMyJ9.uvJSnqLNyWQjz6-72a5hNTFUVPjJYY8xN1NHDb3yaPs

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
via
1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
content-length
3
x-spotim-token
01230929ob582R.330bfd37e7b98478dd811a757cf03f777b72a6527222f2d73218bc219fc5c036
x-request-id
f26f1c50-5ee2-11ee-aeda-6ed37136e83a
x-guid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
server
fasthttp
x-spotim-device-v2
d_9LwOMIdz7gz3D0kavpL2
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
RuHBPIg5QE1NcDYN9nr8j2Xevu7uTzlczzoGKHctLmI9trvtY2zuXw==
pixels
pix.spot.im/api/v1/
0
228 B
Ping
General
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-111.cdg50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
c3ne7avzvADY5NGH3boOBK848MK1rYSh3OLGmOcIcf7rMBIqb1Gv7A==
NYP%20Site%20Wide
api-2-0.spot.im/v1.0.0/reactions/config/
683 B
1 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/config/NYP%20Site%20Wide
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
e66a68b3981921066be641298688cbd8c9fe45ae59bab0fc3f6ce54b77c8f589

Request headers

x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
x-post-id
28903831
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
6198326e-04fd-449f-9ad6-65ceed664b52
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfcEk2cFBucksxeW8zIiwiZGlzcGxheV9uYW1lIjoiQ3lhblBpbiIsInVzZXJfbmFtZSI6IkN5YW5QaW4iLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjQ3lhbi1QaW4iLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjk2MDAzOTMwLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTI5b2I1ODJSLjMzMGJmZDM3ZTdiOTg0NzhkZDgxMWE3NTdjZjAzZjc3N2I3MmE2NTI3MjIyZjJkNzMyMThiYzIxOWZjNWMwMzYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOUx3T01JZHo3Z3ozRDBrYXZwTDIiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzI0NDI1OTMwLCJzdWIiOiJ1X3BJNnBQbnJLMXlvMyJ9.uvJSnqLNyWQjz6-72a5hNTFUVPjJYY8xN1NHDb3yaPs

Response headers

date
Fri, 29 Sep 2023 15:14:28 GMT
content-encoding
gzip
via
1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
3463
x-cache
Hit from cloudfront
x-request-id
e22ef420-5eda-11ee-a2e3-3a768c14754f
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
fOHxBFPZHbrCtLaZ2laSn-A7yDg2nOI-_KMkg7cO05c01p91RHFOLA==
sync-4b7ae961.js
cdn.ex.co/sync/0.0.1-1082b4e/ Frame 3CC4
3 KB
2 KB
Script
General
Full URL
https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C1328577775&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c6e243d760551a3a2e65cc602b46589d33714df21c083bd9948b631c1cf9450f

Request headers

Referer
https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C1328577775&gdpr=0&gdpr_consent=
Origin
https://cdn.ex.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
1365
last-modified
Tue, 26 Sep 2023 18:25:41 GMT
server
AmazonS3
etag
"ea77f73013f99623af0cfc02bdf7a34a"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 06 Oct 2023 16:12:11 GMT
/
ghb.spotim.market/geo/ Frame 2057
154 B
420 B
XHR
General
Full URL
https://ghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
3e396451bc8495d2e49e2d63733551e31b888d3b944b9f5eb8516917edfd0040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:10 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
154
tracking
ghb.spotim.market/adunit/ Frame 2057
43 B
425 B
XHR
General
Full URL
https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=10247&pbjsv=v7.37.4&full_page_url=https%3A%2F%2Fnypost.com&adid=4sy8p4.3q&features=82144&utm_source=hs_email&utm_medium=email&vpbv=N177&lifecycle_tte=1330
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:10 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
j.html
p.flourstech.com/prebidlink/19629/ Frame FA0E
1 KB
888 B
Document
General
Full URL
https://p.flourstech.com/prebidlink/19629/j.html?i=12915
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:11 GMT
etag
W/"620bee41-43d"
expires
Sun, 01 Oct 2023 16:12:11 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
08ed2dbba267205f7da9.css
player.aniview.com/script/6.1/assets/
18 KB
4 KB
Stylesheet
General
Full URL
https://player.aniview.com/script/6.1/assets/08ed2dbba267205f7da9.css
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:7100:9b8::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0acc4587ac96b58cf4b13f1fb52bbf29f6b15555aa3d52d14ccd7966d226f5f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycds5bA_3uPWN9TfXYYLcXPH9nBYOT1ixN3ZL3ciMKuBoL6yAprNcavpfwqqZIgTNl_tWCTfcWGD1onqVoLZc_O5-e5eJLouY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
3542
last-modified
Tue, 26 Sep 2023 11:41:22 GMT
server
UploadServer
etag
"1437d970d6b55154b2dd57d8f2e24584"
vary
Accept-Encoding
x-goog-generation
1695728482645108
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=1iuiXg==, md5=FDfZcNa1UVSy3VfY8uJFhA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
3542
accept-ranges
bytes
expires
Fri, 29 Sep 2023 16:22:11 GMT
ad-container-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.84.8/
667 B
882 B
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.84.8/ad-container-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.84.8/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc1cb3c1abed6cf3e265facd1e539be166a255907e6d21cfedaa9b901d1d1d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:05:41 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
K9T5Z_B7eZlhtgch9q.MTFm_iIMg0hIZ
x-amz-cf-pop
FRA56-P6
age
1303590
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
406
last-modified
Thu, 14 Sep 2023 14:02:34 GMT
server
AmazonS3
etag
"e4fdb5f82b0df9e0b3d49f784d351444"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
3LZTiskaONhD25QGrfD8_q8Un57pDzUlFAfflDeOHufu3WLPM2kuCw==
config.json
player.adtelligent.com/exchange_rates/279896/ Frame E5B6
2 KB
1 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fnypost.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
61b02317144b41f42e977342d66662dcc88a5e58590cd55022a693fe79fe439f

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 30 Sep 2023 16:12:11 GMT
date
Fri, 29 Sep 2023 16:12:11 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 12:01:12 GMT
server
nginx
etag
W/"65156b08-84a"
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
max-age=86400
x-proxy-cache
HIT
apstag.js
c.amazon-adsystem.com/aax2/ Frame E5B6
255 KB
63 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 15:28:02 GMT
content-encoding
gzip
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 b8d6320dae849a3360537a2233718764.cloudfront.net (CloudFront)
last-modified
Thu, 21 Sep 2023 19:18:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-C1
age
2650
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
t-SP_YhJbj2azk8nUf8rYr9ofZErEIj2ufBk3Ovitq-gSE_FKeolVQ==
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame E5B6
374 KB
122 KB
Script
General
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:fa00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8093a2db3f00b3ba1c209a38f4a80d50d55605caecea0d68582f6d6e6bab1917

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 15:46:02 GMT
x-amz-version-id
n81EFHy3NdnhcK0Uth9FIOtOxNaSzlgK
content-encoding
br
last-modified
Fri, 29 Sep 2023 15:10:41 GMT
server
AmazonS3
via
1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
etag
W/"1bab08d09a6b296f6d670804eaac9f59"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1570
x-amz-cf-id
IUDNZctR-Gbk-DlxK4bAFGpkBG2q4CI7ri05nJHeW8nNyg1P7xp1aQ==
read
api-2-0.spot.im/v1.0.0/conversation/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Fri, 29 Sep 2023 16:12:11 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
x-amz-cf-id
Ykgw-NwpCogGGJJcM2dQ97IBPZUnWbSNaKyM0NdepQJM8SSneN44hA==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
read
api-2-0.spot.im/v1.0.0/conversation/
9 KB
4 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
8ad038f5403f413b0adcc88d0382d346bc39d5780e4e8573b77579e9b33e1c54
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
x-post-id
28903831
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
6198326e-04fd-449f-9ad6-65ceed664b52
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfcEk2cFBucksxeW8zIiwiZGlzcGxheV9uYW1lIjoiQ3lhblBpbiIsInVzZXJfbmFtZSI6IkN5YW5QaW4iLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjQ3lhbi1QaW4iLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjk2MDAzOTMwLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTI5b2I1ODJSLjMzMGJmZDM3ZTdiOTg0NzhkZDgxMWE3NTdjZjAzZjc3N2I3MmE2NTI3MjIyZjJkNzMyMThiYzIxOWZjNWMwMzYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOUx3T01JZHo3Z3ozRDBrYXZwTDIiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzI0NDI1OTMwLCJzdWIiOiJ1X3BJNnBQbnJLMXlvMyJ9.uvJSnqLNyWQjz6-72a5hNTFUVPjJYY8xN1NHDb3yaPs

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
via
1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
x-spotim-token
01230929ob582R.330bfd37e7b98478dd811a757cf03f777b72a6527222f2d73218bc219fc5c036
x-request-id
f29f04a4-5ee2-11ee-93db-4228fc2c1168
x-guid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
server
fasthttp
x-spotim-device-v2
d_9LwOMIdz7gz3D0kavpL2
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
UBDoTSAVLUF6-UePiwGSuwedDUZ6dDaLYX8kewZ6eVvArq7fxD_DeA==
/
ghb.spotim.market/geo/ Frame E5B6
154 B
420 B
XHR
General
Full URL
https://ghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
3e396451bc8495d2e49e2d63733551e31b888d3b944b9f5eb8516917edfd0040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:10 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
154
tracking
ghb.spotim.market/adunit/ Frame E5B6
43 B
425 B
XHR
General
Full URL
https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=10247&pbjsv=v7.37.4&full_page_url=https%3A%2F%2Fnypost.com&adid=4sy91e.ev&features=82144&utm_source=hs_email&utm_medium=email&vpbv=N177&tte=1234&lifecycle_tte=1321
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:10 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
j.html
p.medocdn.com/prebidlink/19629/ Frame 0F6D
1 KB
888 B
Document
General
Full URL
https://p.medocdn.com/prebidlink/19629/j.html?i=11596
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:11 GMT
etag
W/"620bee41-43d"
expires
Sun, 01 Oct 2023 16:12:11 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
/
go1.aniview.com/api/adserver/tag/
53 KB
5 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=reactions&AV_CDIM4=6198326e-04fd-449f-9ad6-65ceed664b52&AV_CDIM5=diXpSNciN_G3ukGMFr42KUsCtxx8zaLYXBoXZ01RTGC4mfF37KibfkgiigdshE8W&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.5.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_DNTCHECK=1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=629f4747b6739425b779f627&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/629f4747b6739425b779f627/nypost.com&d36=6.2.130&responsive=1&sver=4&avtoken=931788&omv=1.0.1&clsid=a1ad5856-987c-419d-8f30-76b9d69e3593&rando=68&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=1696003931791&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.218.84.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-218-84-96.compute-1.amazonaws.com
Software
/
Resource Hash
76b49afa7f39794275144ef77b86fea1fe3a4557fb21b15027eb2407ca72825a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Mon, 18 Sep 2023 02:25:32 GMT
track
track1.aniview.com/
0
97 B
Image
General
Full URL
https://track1.aniview.com/track?r=nypost.com&sn=&cd1=sp_Sx8YukwE&cd2=Desktop&cd3=reactions&cd4=6198326e-04fd-449f-9ad6-65ceed664b52&cd5=diXpSNciN_G3ukGMFr42KUsCtxx8zaLYXBoXZ01RTGC4mfF37KibfkgiigdshE8W&cd6=tier1-conv3&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=5850&cd10=v22.5.0&cd11=B&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.130&apppkg=&fv=1&proto=https&clsid=a1ad5856-987c-419d-8f30-76b9d69e3593&rando=68&pid=5e0e296628a061270b21ccab&cid=629f4747b6739425b779f627&stagid=&stplid=&e=inventory&vi=0&cb=1696003931790
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.219.93.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-93-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/
57 KB
5 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_Sx8YukwE&AV_CDIM2=Desktop&AV_CDIM3=independent_ad&AV_CDIM4=6198326e-04fd-449f-9ad6-65ceed664b52&AV_CDIM5=diXpSNciN_G3ukGMFr42KUsCtxx8zaLYXBoXZ01RTGC4mfF37KibfkgiigdshE8W&AV_CDIM6=tier1-conv3&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=5850&AV_CDIM10=v22.5.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&AV_DNTCHECK=1&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=634e65320022fb473b34ce15&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=nypost.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/634e65320022fb473b34ce15/nypost.com&d36=6.2.130&responsive=1&sver=4&avtoken=931798&omv=1.0.1&clsid=dae0eae5-ae43-40fb-825a-8f6011a3d142&rando=94&AV_WIDTH=300&AV_HEIGHT=169&AV_CCPA=1---&AV_DNT=0&cb=1696003931799&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.218.84.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-218-84-96.compute-1.amazonaws.com
Software
/
Resource Hash
7099199a2d87ee106ac4fb259435e59082d7f31fb4358cff07343bbfbdb968e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://nypost.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Mon, 18 Sep 2023 02:25:32 GMT
track
track1.aniview.com/
0
97 B
Image
General
Full URL
https://track1.aniview.com/track?r=nypost.com&sn=&cd1=sp_Sx8YukwE&cd2=Desktop&cd3=independent_ad&cd4=6198326e-04fd-449f-9ad6-65ceed664b52&cd5=diXpSNciN_G3ukGMFr42KUsCtxx8zaLYXBoXZ01RTGC4mfF37KibfkgiigdshE8W&cd6=tier1-conv3&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=5850&cd10=v22.5.0&cd11=B&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=300&he=169&test=&d36=6.2.130&apppkg=&fv=1&proto=https&clsid=dae0eae5-ae43-40fb-825a-8f6011a3d142&rando=94&pid=5e0e296628a061270b21ccab&cid=634e65320022fb473b34ce15&stagid=&stplid=&e=inventory&vi=0&cb=1696003931799
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.219.93.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-93-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
hbw_master_307825_12915.js
p.flourstech.com/prebidlink/y19629/ Frame FA0E
116 KB
37 KB
Script
General
Full URL
https://p.flourstech.com/prebidlink/y19629/hbw_master_307825_12915.js
Requested by
Host: p.flourstech.com
URL: https://p.flourstech.com/prebidlink/19629/j.html?i=12915
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e58f4e8af1e3f8783b6acbf98bd26b1561d5b64517a738b9ba361cbbe3648801

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.flourstech.com/prebidlink/19629/j.html?i=12915
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 16:04:47 GMT
server
nginx
etag
W/"64f8a31f-1ce7d"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Sun, 01 Oct 2023 16:12:11 GMT
cookie_sync
sync.ex.co/v1/ Frame 3CC4
1 KB
2 KB
Fetch
General
Full URL
https://sync.ex.co/v1/cookie_sync?network=368531133%2C1328577775&gdpr=0&gdpr_consent=
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
2420f6bca82d9c7c0d80560de948b880b2280b54e716cf44631b575e06b3bfd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
https://cdn.ex.co
date
Fri, 29 Sep 2023 16:12:12 GMT
access-control-allow-credentials
true
content-length
1528
vary
Origin
content-type
application/json
9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
config.aps.amazon-adsystem.com/configs/ Frame 2057
537 B
805 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-114.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
cc99a7c3d00df09293cb18360d00c7e19c72bfd8f97a2293b4081c9da3cc88dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 15:51:39 GMT
via
1.1 432282689bafd802e8ec9636c256a3b0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P1
age
1232
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
jVvjrWNMAQ30uhfnV4XhmqqNeZzg67jOuF6GOPu7-Ygq-KjnzCQjuA==
config
c.amazon-adsystem.com/cdn/prod/ Frame 2057
4 KB
5 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnypost.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
Server /
Resource Hash
7475ed67c86cbb577d1e88c08770cecc181cda9c652256f1ab74e85a51ee1ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
via
1.1 b8d6320dae849a3360537a2233718764.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
4461
x-amz-cf-id
BPSfPLldDn-mT-g94Idb0bzLRMgsSnWOM7VPCs_wKpp7soYYuX8z_w==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 2057
23 B
459 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&pid=6Jog4HN3t2Yzv&cb=0&ws=336x280&v=23.919.1525&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1689257402099-0%22%2C%22s%22%3A%5B%22336x280%22%2C%22320x250%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F39694909%2C5850%2FReactions%2FReact-NYPost%22%7D%5D&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=1&gdprc=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.191.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-191-32.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 0c9e9d172625986c065b7bb9836e5d08.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P4
x-amz-rid
E4FTN20D1EVFHPB0D48E
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
XKtZLG0gYfYxS3yttrW-dvpqVH59fmk8dZKzYoYQuYoikR0kblm5Nw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2057
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 2d469870f5a756385a1eb37325629a1e.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 05:00:28 GMT
x-amz-cf-pop
MUC50-C1
age
40304
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
rxE6ZrxdmpglUK3dKSwrJdTjekegsgLbMUuW7dHwAdJ30JCRHSSxgg==
hbw_master_307825_11596.js
p.medocdn.com/prebidlink/y19629/ Frame 0F6D
117 KB
37 KB
Script
General
Full URL
https://p.medocdn.com/prebidlink/y19629/hbw_master_307825_11596.js
Requested by
Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/19629/j.html?i=11596
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
32c650890e99047bc6cd795d59b958a70489d924d0848d452cee047d4c7b5918

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.medocdn.com/prebidlink/19629/j.html?i=11596
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 01:33:10 GMT
server
nginx
etag
W/"64f7d6d6-1d25c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Sun, 01 Oct 2023 16:12:11 GMT
csyncs
ghb.spotim.market/ Frame 2057
3 KB
1 KB
XHR
General
Full URL
https://ghb.spotim.market/csyncs?aid1=730717&aid2=744459&aid3=767137&aid4=767587&aid5=833229&aid6=839059&aid7=849704
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
ec49b01303a027cc738f7c0250de452c54b0b0b519362a3beecc90024402b10b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:11 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
910
csyncs
ghb.spotim.market/ Frame E5B6
3 KB
1 KB
XHR
General
Full URL
https://ghb.spotim.market/csyncs?aid1=730717&aid2=744459&aid3=767137&aid4=767587&aid5=833229&aid6=839059&aid7=849704
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
bf03af9c9bb375ce984d3951643b9a63be794e2f92760c6441306ae48f55b31d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:11 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
915
9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
config.aps.amazon-adsystem.com/configs/ Frame E5B6
537 B
803 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-114.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
cc99a7c3d00df09293cb18360d00c7e19c72bfd8f97a2293b4081c9da3cc88dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 15:51:39 GMT
via
1.1 432282689bafd802e8ec9636c256a3b0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P1
age
1232
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
WFBtY5MuBT8QgTOeV3lzAe8daM7_Xg_G8fMrrbVaZXcfHNW2CxUaDA==
config
c.amazon-adsystem.com/cdn/prod/ Frame E5B6
4 KB
5 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnypost.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
Server /
Resource Hash
7475ed67c86cbb577d1e88c08770cecc181cda9c652256f1ab74e85a51ee1ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:11 GMT
via
1.1 b8d6320dae849a3360537a2233718764.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-C1
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
4461
x-amz-cf-id
vt21Cf115w6TJgTXSDm9HjBsRyCQtS2HzsZxxKsGyZm5culMu7cjVg==
bid
aax.amazon-adsystem.com/e/dtb/ Frame E5B6
23 B
457 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&pid=1FUPGOjkITBtW&cb=0&ws=336x280&v=23.919.1525&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1649081769412-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22320x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F39694909%2C5850%2FIndependent%2FInd-NYpost%22%7D%5D&schain=1.0%2C1!spotim.market%2Csp_Sx8YukwE%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdpre=1&gdprc=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.191.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-191-32.muc50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 0c9e9d172625986c065b7bb9836e5d08.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P4
x-amz-rid
04640H0MBMV6VG66Z0GQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
vGfbZbWM7cOye5TKLmhonOBNJsbfYYjjhEVwPiNslHvGp2rCUH9TsA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame E5B6
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 2d469870f5a756385a1eb37325629a1e.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 05:00:28 GMT
x-amz-cf-pop
MUC50-C1
age
40304
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
pXp1GtEz7iyQ4-gJGxt6p3t5uy89G0ce4Hd82mWDj4-013m7k7fTzQ==
pixel
ap.lijit.com/ Frame 3E75
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 29 Sep 2023 16:12:12 GMT
X-Sovrn-Pod
ad_ap7ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F203
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=167271
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 29 Sep 2023 16:12:12 GMT
expires
Sun, 01 Oct 2023 14:40:03 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 060D
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame 7084
125 B
152 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
b151aa3d07143e0caf0150faf6eeb78f9869493f8eedb7ae5ad677194b5c39b4

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:11 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
csync
sync.spotim.market/ Frame C4C3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D323548%2526extuid%253D%2524UID%2526%255BGDPR_APPLIES%255D%2526gdpr_consent%253D%255BG...
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 29 Sep 2023 16:12:11 GMT
Etag
a2ca1699388480ce
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
473b6676-1534-4192-88d2-5114d730990b
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:12 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
185.213.155.151; 185.213.155.151; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2057
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr={gdpr}&gdpr_consent={gdpr_consent}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 29 Sep 2023 16:12:11 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
sync.ex.co/v1/ Frame 2057
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr={gdpr}&gdpr_consent={gdpr_consent}
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&zcc=1&cb=1696003932089
  • https://ad.turn.com/r/cs?pid=45&rndcb=5392436586
  • https://sync.1rx.io/usersync/turn/3746808186033006133?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-12b490af-480f-4f24-bca2-d4d621dc4945-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3DRX-12b49...
  • https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-12b490af-480f-4f24-bca2-d4d621dc4945-003
86 B
607 B
Image
General
Full URL
https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-12b490af-480f-4f24-bca2-d4d621dc4945-003
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
date
Fri, 29 Sep 2023 16:12:13 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

location
https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-12b490af-480f-4f24-bca2-d4d621dc4945-003
date
Fri, 29 Sep 2023 16:12:12 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX12b490af480f4f24bca2d4d621dc4945003
content-type
text/html
pixel
ap.lijit.com/ Frame 2057
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D733068%26extuid%3D%24UID
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 29 Sep 2023 16:12:12 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2057
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
43 B
767 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hx9xegcOd3vhd206bd7FZmxqBG7ISJsUr5hWV3xZZCSBTjGbwtFjSxRyBVNhebHe%2FDPug8ykNF4tgumAd0DSHFwydff4Hll35neY%2FKUgHO7JJokc7pI4qP12nivMnOegstCFb6wQqQ4KrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80e5819fe91c3737-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7hiYhGzen0IBZbkmV6zLhw9Y9AAc0wUp6RjK%2BomENze6q6TVvM5wKeLVpqLwCCFO9sk7Itr2wyWf22qrDjcPX%2BcAsw%2FiOP4gAvQr1dAREWPjRMr0BrGiXzy80xd5xw%2F1SgAJcIwkYAaOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/usermatchredir?cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E&s=190532&C=1
cache-control
no-cache
cf-ray
80e5819f7c2a9b94-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
csync
sync.adtelligent.com/ Frame 2057
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D&s=189529&C=1
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZRb3XP6crRPKPLFr5.UKNQAA%265282
43 B
466 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZRb3XP6crRPKPLFr5.UKNQAA%265282
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
HTTP/1.1
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:11 GMT
Server
Adtelligent
Etag
a2ca1699388480ce
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctY5RrogTow8a%2Bp30AMcxa4xMHXhF7dvMEu1ROhWtmomyqr0PGSj5bpLDTpgrkddlXG6%2FmcGz31qvcWmi%2F0MZc8gW%2Be1txOVlp06OKSLMnko5li5onlfsHH8sPgFyDpWdC%2FsbX%2BAiXYhvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZRb3XP6crRPKPLFr5.UKNQAA%265282
cache-control
no-cache
cf-ray
80e5819fdcb29b94-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
prebid
rtb.openx.net/sync/ Frame 2057
43 B
245 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26ep%3D482928%26extuid%3D%24%7BUID%7D
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
csync
sync.adtelligent.com/ Frame 2057
43 B
320 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=751324&extuid=${USER_ID}&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:11 GMT
Server
Adtelligent
Etag
a2ca1699388480ce
Content-Length
43
Content-Type
image/gif
NYP%20Site%20Wide
api-2-0.spot.im/v1.0.0/reactions/stats/
108 B
1 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/stats/NYP%20Site%20Wide
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
d566cecb92cdd81c0bd52584787e6db3a51d74b6ea36acfcf073fca8be88dbc9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
x-post-id
28903831
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
6198326e-04fd-449f-9ad6-65ceed664b52
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfcEk2cFBucksxeW8zIiwiZGlzcGxheV9uYW1lIjoiQ3lhblBpbiIsInVzZXJfbmFtZSI6IkN5YW5QaW4iLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjQ3lhbi1QaW4iLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjk2MDAzOTMwLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTI5b2I1ODJSLjMzMGJmZDM3ZTdiOTg0NzhkZDgxMWE3NTdjZjAzZjc3N2I3MmE2NTI3MjIyZjJkNzMyMThiYzIxOWZjNWMwMzYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOUx3T01JZHo3Z3ozRDBrYXZwTDIiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzI0NDI1OTMwLCJzdWIiOiJ1X3BJNnBQbnJLMXlvMyJ9.uvJSnqLNyWQjz6-72a5hNTFUVPjJYY8xN1NHDb3yaPs

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
via
1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
content-length
108
x-request-id
f2cbc07a-5ee2-11ee-aa02-ae51b3d10429
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
1bkmRYUvwiMK5b4MNKze9MG9eOxm4Ls-Y1ATQzW1IfUPP2kaYLnYuw==
NYP%20Site%20Wide
api-2-0.spot.im/v1.0.0/reactions/stats/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/reactions/stats/NYP%20Site%20Wide
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Fri, 29 Sep 2023 16:12:12 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
x-amz-cf-id
xYdF427XqKJ5Cr7AhAKf4bWCm4PAGHNb6sH69WRcSTe6wfJ5R3w4Xw==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
tag
btloader.com/ Frame 2057
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=nypost.com&ver=1.2&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
15 KB
7 KB
Script
General
Full URL
https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
152588670e321c471ade3b64c472922c0baaf6f96297cfb285be886b7770c503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 16:00:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
603
etag
W/"c4589fad62bc97a7de617c79413d165e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXrNXFbmstIBP4CTpN%2BlJ%2FXrHAeJMCra%2F2OCGmlS0wdJCfpUTIoIS0rH98NtDlUVDzi6O3D4SNrZztzFDn068fMOskHsCL%2BF77afi3YDPP51msbV2xHCTi%2B%2FbwCluDt690yojEnO6bUaiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
80e581a05cac90fe-FRA

Redirect headers

date
Fri, 29 Sep 2023 16:12:12 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1014
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1W7teMXI8qajpMotbOlQez3Vney5CTuvEGx0WAGyUFi04mVPQwWLUXhxrCuMEfSw8gCbVc8EvjSO8nxWmX8PP%2FPV43hVunGbABYBWW4A90PH7zntk5qUK4m88RBk3qTfYlNa22oMWnwGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
/tag?o=5080945107927040&domain=nypost.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
80e5819ffc3190fe-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 2057
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 29 Sep 2023 16:27:12 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 2057
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-46.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 04:31:23 GMT
content-encoding
gzip
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
42050
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
iQzl2eMwPMtL_hDhT_nWfVKcKsXaPTFuIKeXsCSjjYqkSmKdU2QryQ==
hadron.js
cdn.hadronid.net/ Frame 2057
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&ref=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&_it=amazon&partner_id=471
Requested by
Host: info.illicitedge.com
URL: https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60Yx3k2fpQlnW2nJ6c27j9HB1VSb-0m7WyRWRN4tJ1zWQc20XW8G2h7Z7gLqtxMP3ztpdCFwSW1Pg6Jt3WTbzFVchWRF7D7gTpVrQgxc8r9cJNW4RktRF12RgfHW4L9JkQ8kdnpvV8RCxC43zJy0N7YxH9bxZ73LV8TJMH3yJK13N1gJRcVHr4ZrW3m5g1G4xKJSHW5_HW6V7m6CnGVn62sM2cjLq2W7mjtQb2twjPTW1JwKYB3HNdD4W32KjyW6wfw9kW6BTjq52zmKnrW8062Tx7H0mK5W3tzgWH11j5rNW3Dvdnf7D6crtW4VYqky4P94_GVxdzbS4pTqd2W3WhC_83Nz5CLW80CsTZ7qN92XW7HHFxm8fT9XYf9l_1KC04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907JHMEEKQ08DSV2
age
1761
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
80e5819fffc519b3-FRA
x-amz-id-2
oJpPJCbEID7z1zM9kIxlsqSbq8xeH5HC5gS4xpeHur3SW4yHO8BbtAlQwktjkw9El2h2R0B/Pt0=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 2057
142 KB
31 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
362cb3ee451098e7663093e3dc502c715c2c942c5e026387806197a9a815bc35
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 09:24:45 GMT
server
cloudflare
x-amz-request-id
XX6C910DXX7SM7N1
age
1799
etag
W/"7bfa86f4fd91656713a35814298e67fa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
80e581a008679974-FRA
x-amz-id-2
/D1jmujlr0ty7zwI7L4MWMJNbx6tnx22NRva36Ab7ZPyRbeh8RILqepQTv0ydLFyQ1UDi6aNnBA=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 2057
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Fri, 29 Sep 2023 16:27:12 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame E5B6
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr={gdpr}&gdpr_consent={gdpr_consent}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 29 Sep 2023 16:12:11 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
sync.ex.co/v1/ Frame E5B6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr={gdpr}&gdpr_consent={gdpr_consent}
  • https://ad.turn.com/r/cs?pid=45&rndcb=2178748830
  • https://sync.1rx.io/usersync/turn/3674750591995078197?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-12b490af-480f-4f24-bca2-d4d621dc4945-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3DRX-12b49...
  • https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-12b490af-480f-4f24-bca2-d4d621dc4945-003
86 B
607 B
Image
General
Full URL
https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-12b490af-480f-4f24-bca2-d4d621dc4945-003
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
date
Fri, 29 Sep 2023 16:12:13 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

location
https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-12b490af-480f-4f24-bca2-d4d621dc4945-003
date
Fri, 29 Sep 2023 16:12:12 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX12b490af480f4f24bca2d4d621dc4945003
content-type
text/html
pixel
ap.lijit.com/ Frame 53DA
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 29 Sep 2023 16:12:12 GMT
X-Sovrn-Pod
ad_ap7ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7772
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=167271
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 29 Sep 2023 16:12:12 GMT
expires
Sun, 01 Oct 2023 14:40:03 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 65EF
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.spotim.market/ Frame A917
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D323548%2526extuid%253D%2524UID%2526%255BGDPR_APPLIES%255D%2526gdpr_consent%253D%255BG...
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 29 Sep 2023 16:12:11 GMT
Etag
a2ca1699388480ce
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
11ccc760-3b20-43a7-9346-8cbb2e951243
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:12 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
185.213.155.151; 185.213.155.151; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
csync
sync.adtelligent.com/ Frame E5B6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZRb3XBdfXs4eDHEr5l6q9wAA%265289
43 B
466 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZRb3XBdfXs4eDHEr5l6q9wAA%265289
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
HTTP/1.1
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:11 GMT
Server
Adtelligent
Etag
a2ca1699388480ce
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7en87BgsQaadsg5EhqKgNGHjx%2BWLyGfAYGArf4tlRb5x3GiDnr%2BJrhgA6cI2hYOBBVevpE3QYs4Qi2NFkgvUTX0aPGD1Qv9F%2BLyTzt8XFlF3%2FS1Gf5gUnkfVsejlLzaUN9y5nuhb4maCg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZRb3XBdfXs4eDHEr5l6q9wAA%265289
cache-control
no-cache
cf-ray
80e5819fcc979b94-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
prebid
rtb.openx.net/sync/ Frame E5B6
43 B
103 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26gdpr%3D%7Bgdpr%7D%26gdpr_consent%3D%7Bgdpr_consent%7D%26ep%3D482928%26extuid%3D%24%7BUID%7D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
isyn
prebid.a-mo.net/ Frame 15DB
125 B
266 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
b151aa3d07143e0caf0150faf6eeb78f9869493f8eedb7ae5ad677194b5c39b4

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:11 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
pixel
ap.lijit.com/ Frame E5B6
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D733068%26extuid%3D%24UID
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 29 Sep 2023 16:12:12 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usermatchredir
ssum-sec.casalemedia.com/ Frame E5B6
43 B
335 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnhyX2vK5DLKgoHyUZ2hDN4GSFiIR7QdZeyMjetxvb77FhOlWPdyadBCuTPgGfw1vZ9KjzL83ucQpKDPCCg8AQuXEEffse5ImshIURLlfrfZW3bWDrNDVDv%2B6BLFETJigXEelWpfzlpyew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80e5819fccb09b94-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0
csync
sync.adtelligent.com/ Frame E5B6
43 B
320 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=751324&extuid=${USER_ID}&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:11 GMT
Server
Adtelligent
Etag
a2ca1699388480ce
Content-Length
43
Content-Type
image/gif
hb_307825_12915.js
player.adtelligent.com/prebidlink/ex19630/ Frame FA0E
920 B
786 B
Script
General
Full URL
https://player.adtelligent.com/prebidlink/ex19630/hb_307825_12915.js
Requested by
Host: p.flourstech.com
URL: https://p.flourstech.com/prebidlink/y19629/hbw_master_307825_12915.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
428a6cf014b6a7062eb5655f3309bbd434b2e40ac5f33502b73072d2cbab03e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.flourstech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 16:12:12 GMT
date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 16:04:47 GMT
server
nginx
etag
W/"64f8a31f-398"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
hb_307825_11596.js
player.adtelligent.com/prebidlink/ex19630/ Frame 0F6D
920 B
785 B
Script
General
Full URL
https://player.adtelligent.com/prebidlink/ex19630/hb_307825_11596.js
Requested by
Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/y19629/hbw_master_307825_11596.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bdfd00f7b41a504579b6f10fe781557c69bb449f1d924aecfd6467d878892106

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 16:12:12 GMT
date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
last-modified
Wed, 06 Sep 2023 01:33:10 GMT
server
nginx
etag
W/"64f7d6d6-398"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
/
ghb.adtelligent.com/geo/ Frame FA0E
154 B
426 B
XHR
General
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.flourstech.com
URL: https://p.flourstech.com/prebidlink/y19629/hbw_master_307825_12915.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
3e396451bc8495d2e49e2d63733551e31b888d3b944b9f5eb8516917edfd0040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.flourstech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:11 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://p.flourstech.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
154
tracking
ghb.adtelligent.com/adunit/ Frame FA0E
43 B
433 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=12915&full_page_url=https%3A%2F%2Fnypost.com&adid=4sy9b1.gl&features=16480&vpbv=N173&lifecycle_tte=422
Requested by
Host: p.flourstech.com
URL: https://p.flourstech.com/prebidlink/y19629/hbw_master_307825_12915.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.flourstech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:11 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://p.flourstech.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
tag
btloader.com/ Frame E5B6
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=nypost.com&ver=1.2&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
15 KB
7 KB
Script
General
Full URL
https://btloader.com/tag?o=5080945107927040&domain=nypost.com&upapi=true
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
152588670e321c471ade3b64c472922c0baaf6f96297cfb285be886b7770c503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 16:00:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
603
etag
W/"c4589fad62bc97a7de617c79413d165e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrTsapDzc%2FkbQKPq%2BMamB1NqLLKWy1vFwJRXl08z0WKyumud1nmvZQ5yPsy%2FHaM4sFpRN1fQfwl9rhvlDcXxMQuXQUZbYqydLR2y05pAVejA96y16HGHEPbATF%2Bc45oOJP5uOi4sy9oDaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
80e581a04c8a90fe-FRA

Redirect headers

date
Fri, 29 Sep 2023 16:12:12 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1014
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRSb4kh8ij9Re4OnnecN4vZQq3r3C%2FYQ86JgWCmxXVQ3XHq2TtXc2IJ3S5epj8v4uVlch2uv78j03yNtLV7UhXfqmyFpTQQEm1KGRd%2FkHFPSrCNA9fi09Rz5whL5jc%2BZoEh4HiP3dIMAGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
/tag?o=5080945107927040&domain=nypost.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
80e5819ffc3390fe-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame E5B6
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 29 Sep 2023 16:27:12 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame E5B6
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-46.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 04:31:23 GMT
content-encoding
gzip
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
42050
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
fOdv0jZAgH2bs85Xigj5YNmcQDu3_Nn1sK-ZM9_qfWFlxkuA2vAtTg==
hadron.js
cdn.hadronid.net/ Frame E5B6
55 KB
10 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&ref=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&_it=amazon&partner_id=471
Requested by
Host: info.illicitedge.com
URL: https://info.illicitedge.com/e3t/Ctc/ZV+113/d2sh-Y04/VWd01x7P-gBKW1VW2jb1BN4kKW2XSKgS541frvN2ZRHzP5nR32W5BWr2F6lZ3nPW5P83Cy5lVkbRW9kv35z5ms3zcW8CrKsp1qcF28W4P4l226bgQ3WW60Yx3k2fpQlnW2nJ6c27j9HB1VSb-0m7WyRWRN4tJ1zWQc20XW8G2h7Z7gLqtxMP3ztpdCFwSW1Pg6Jt3WTbzFVchWRF7D7gTpVrQgxc8r9cJNW4RktRF12RgfHW4L9JkQ8kdnpvV8RCxC43zJy0N7YxH9bxZ73LV8TJMH3yJK13N1gJRcVHr4ZrW3m5g1G4xKJSHW5_HW6V7m6CnGVn62sM2cjLq2W7mjtQb2twjPTW1JwKYB3HNdD4W32KjyW6wfw9kW6BTjq52zmKnrW8062Tx7H0mK5W3tzgWH11j5rNW3Dvdnf7D6crtW4VYqky4P94_GVxdzbS4pTqd2W3WhC_83Nz5CLW80CsTZ7qN92XW7HHFxm8fT9XYf9l_1KC04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907JHMEEKQ08DSV2
age
1761
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
80e5819fffce19b3-FRA
x-amz-id-2
oJpPJCbEID7z1zM9kIxlsqSbq8xeH5HC5gS4xpeHur3SW4yHO8BbtAlQwktjkw9El2h2R0B/Pt0=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame E5B6
142 KB
31 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
362cb3ee451098e7663093e3dc502c715c2c942c5e026387806197a9a815bc35
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 27 Sep 2023 09:24:45 GMT
server
cloudflare
x-amz-request-id
XX6C910DXX7SM7N1
age
1799
etag
W/"7bfa86f4fd91656713a35814298e67fa"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
80e581a008689974-FRA
x-amz-id-2
/D1jmujlr0ty7zwI7L4MWMJNbx6tnx22NRva36Ab7ZPyRbeh8RILqepQTv0ydLFyQ1UDi6aNnBA=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame E5B6
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Fri, 29 Sep 2023 16:27:12 GMT
/
ghb.adtelligent.com/geo/ Frame 0F6D
154 B
423 B
XHR
General
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/y19629/hbw_master_307825_11596.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
3e396451bc8495d2e49e2d63733551e31b888d3b944b9f5eb8516917edfd0040

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:11 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://p.medocdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
154
tracking
ghb.adtelligent.com/adunit/ Frame 0F6D
43 B
430 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11596&full_page_url=https%3A%2F%2Fnypost.com&adid=4sy9be.3f&features=16480&vpbv=N173&lifecycle_tte=355
Requested by
Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/y19629/hbw_master_307825_11596.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:11 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://p.medocdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
csync
sync.spotim.market/ Frame 15DB
43 B
318 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:11 GMT
Server
Adtelligent
Etag
b80ab26904f38cee
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame 15DB
32 B
442 B
Script
General
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
via
1.1 60fd3afb7c20a7d618acbcbd60640b2e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
MXP53-P1
age
502
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32
last-modified
Thu, 17 Aug 2023 15:48:19 GMT
server
cloudflare
etag
"a8b2f555a0227aec5e980e5ec98f6d15"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
80e581a05d786922-FRA
x-amz-cf-id
UaQUUwMj1W8cM_l92XsbrUr0wfNsYpFyTOT0bDAM_4AJbRodI7W9Eg==
expires
Fri, 29 Sep 2023 17:12:12 GMT
csync
sync.spotim.market/ Frame 7084
43 B
318 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:11 GMT
Server
Adtelligent
Etag
b80ab26904f38cee
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame 7084
32 B
94 B
Script
General
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
via
1.1 60fd3afb7c20a7d618acbcbd60640b2e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
MXP53-P1
age
502
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32
last-modified
Thu, 17 Aug 2023 15:48:19 GMT
server
cloudflare
etag
"a8b2f555a0227aec5e980e5ec98f6d15"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
80e581a05d7a6922-FRA
x-amz-cf-id
UaQUUwMj1W8cM_l92XsbrUr0wfNsYpFyTOT0bDAM_4AJbRodI7W9Eg==
expires
Fri, 29 Sep 2023 17:12:12 GMT
hbp_master_307825_12915.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame FA0E
291 KB
93 KB
Script
General
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_12915.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19630/hb_307825_12915.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
8c0213c4f526687c16252ed26da8cb566163eb424d5aebe26d92d31635928550

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.flourstech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 16:12:12 GMT
date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
last-modified
Fri, 29 Sep 2023 15:11:55 GMT
server
nginx
etag
W/"6516e93b-48ba1"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
hbp_master_307825_11596.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 0F6D
315 KB
101 KB
Script
General
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19630/hb_307825_11596.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b83591168c9409a07836e90c01b8a61c454007945c1e46dbcdc19a7d4e1b40c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Sat, 30 Sep 2023 16:12:12 GMT
date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
last-modified
Fri, 29 Sep 2023 15:09:44 GMT
server
nginx
etag
W/"6516e8b8-4eb0b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
x-proxy-cache
HIT
PugMaster
image6.pubmatic.com/AdServer/ Frame F203
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89791062&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
848f638037a791cabe1eacb08f796ac2eb5b0fb1ac3c1cbbe497acc29c55b85f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 29 Sep 2023 16:12:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 2057
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Fri, 29 Sep 2023 16:27:12 GMT
map
bcp.crwdcntrl.net/6/ Frame 2057
60 B
331 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.82.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-82-203.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
f7395a030866ce15ef2f1f921c554dd200435db20a71b07f0c9d78f75d512723

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://nypost.com
cache-control
no-cache
x-server
10.45.17.172
access-control-allow-credentials
true
content-length
60
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8267
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=167271
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 29 Sep 2023 16:12:12 GMT
expires
Sun, 01 Oct 2023 14:40:03 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame F83E
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9038ae8847be7afea9d5221156754ace8843990d3e04c0cdc5a29ad5f1eab92

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80e581a1eb7a3737-FRA
content-encoding
br
content-type
text/html
date
Fri, 29 Sep 2023 16:12:12 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUixFFVxaBWuZMVErPLRv4vtV66AsWZPT1NNJgHuUEWJfOatS4%2F9sGd9T6b4X9lDalu4gonf7RJCyLYFxd%2BLahTUnRG4a0k28bKkLYbTeem%2FNKHjhIUia2U1Knc5%2BqGPlpzQb7HEcHMeOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 17D6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17136&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 29 Sep 2023 16:12:12 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 29 Sep 2023 16:12:12 GMT
location
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
server
AkamaiGHost
pbs-user-sync
ads.stickyadstv.com/ Frame A7E3
316 B
789 B
Document
General
Full URL
https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.238.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-158.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bf7f8065f196b423f3bbd525dbc636b7c8487d3ed590e5e43afff309fdeec281

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
316
Date
Fri, 29 Sep 2023 16:12:12 GMT
Expires
Fri, 29 Sep 2023 16:12:12 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1696003932466069-563
setuid
sync.ex.co/v1/ Frame 3CC4
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://u.openx.net/w/1.0/cm?cc=1&id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=b2e26b17-dbb3-40dd-a2b8-a423b4e38382
86 B
601 B
Image
General
Full URL
https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=b2e26b17-dbb3-40dd-a2b8-a423b4e38382
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
date
Fri, 29 Sep 2023 16:12:13 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=b2e26b17-dbb3-40dd-a2b8-a423b4e38382
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dmp
vop.sundaysky.com/sync/ Frame 3CC4
43 B
365 B
Image
General
Full URL
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsundaysky%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7Bssky_uuid%7D
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.23.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-23-69.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI PUR COM NAV INT DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate, max-age=0
content-length
43
expires
Sat, 1 Apr 2000 00:00:00 GMT
setuid
sync.ex.co/v1/ Frame 3CC4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=4127799284
  • https://sync.1rx.io/usersync/turn/3530635403919222325?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-12b490af-480f-4f24-bca2-d4d621dc4945-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3DRX-12b49...
  • https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-12b490af-480f-4f24-bca2-d4d621dc4945-003
86 B
607 B
Image
General
Full URL
https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-12b490af-480f-4f24-bca2-d4d621dc4945-003
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
date
Fri, 29 Sep 2023 16:12:13 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

location
https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-12b490af-480f-4f24-bca2-d4d621dc4945-003
date
Fri, 29 Sep 2023 16:12:12 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX12b490af480f4f24bca2d4d621dc4945003
content-type
text/html
setuid
sync.ex.co/v1/ Frame 3CC4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=7860270711371651961
86 B
365 B
Image
General
Full URL
https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=7860270711371651961
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
date
Fri, 29 Sep 2023 16:12:12 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
an-x-request-uuid
96360d19-9283-47ad-97b6-6059830077fe
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=7860270711371651961
x-proxy-origin
185.213.155.151; 185.213.155.151; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
map
bcp.crwdcntrl.net/6/ Frame E5B6
60 B
329 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.82.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-82-203.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ff0620a42905c5f58738469db12e1455952a538e725dafec7c0f0b7181fc86fa

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://nypost.com
cache-control
no-cache
x-server
10.45.2.142
access-control-allow-credentials
true
content-length
60
expires
0
events
collector.ex.co/main/
17 B
154 B
XHR
General
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/28b907db-50ab-433d-bf84-4da2d60824bc?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.181.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-181-145.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 16:12:12 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
player.js
p.channelexco.com/player/
55 KB
34 KB
Script
General
Full URL
https://p.channelexco.com/player/player.js?pv=117.59&p=2146685549&cb=88b9780b-38e5-4b76-a03b-80862facf19b&d=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F&schain=1.0%2C1%21playbuzz.com%2C0012000001RFgGvAAL%2C1%2C%2C%2C&w=734&h=412.9&asr=1&impDetail=1&auction=1&auctionFast=5&publisherType=publisher&gdpr=-GPV_GDPR-&gdpr_consent=-GPV_GDPR_CONSENT-&us_privacy=-GPV_US_PRIVACY-&rv=true&sid=&sid2=default&sid4=3.55.0-d55ac9d&utm_source=hs_email&utm_medium=email&utm_campaign=Illicit-Edge-Daily&utm_content=276331523&psa=0&vpl=15&frg1=5&mdg1=15&mdt=15&pub=1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.7.241 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
79ec26d976a565d845f737ebfc3ad42dddc72c4e9e50b6648604c1c4e8c02df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
application/x-javascript
date
Fri, 29 Sep 2023 16:12:12 GMT
cache-control
no-cache
content-encoding
gzip
server
openresty
vary
Accept-Encoding
expires
Fri, 29 Sep 2023 16:12:11 GMT
d
gpv.ex.co/player/
2 KB
2 KB
Fetch
General
Full URL
https://gpv.ex.co/player/d?v=2&b={%22pageLoadUid%22:%2286e64b6d-8b02-49%C4%92%C4%9881b-%C4%925d760104aa%22,%22country%C4%8D%22DE%C4%B1%22browser%C4%BBch%C5%82me%C4%BFos%C4%BBwind%C5%83%C5%90%C4%B2networkI%C4%8C%C4%8E132857%C5%A875%C4%BFhu%C4%8D%C4%B8ue%C4%B2p%C4%BB21466%C5%A65%C4%9E%C4%BF%C5%A1%22https://nyp%C5%8Ft.%C4%B4m/2%C4%9B3/09%C6%918/russian-oligar%C5%89-re%C4%B7e%C4%97%C4%B5t-l%C6%A0dm%C6%A7k-%C6%89c-%C6%B6n%C6%9Eo%C6%A1days-bef%C5%9De-%C4%84%C6%82%C5%93g-hi%C6%B1by-%C6%9C-s%C6%A0cti%C7%80%C7%85s%C4%B5%C6%A8es/%C4%BF%C6%9C%C5%86%C5%A0%C4%BBp%C4%B61nzdqlp3%C4%ABqu3%22}
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.64.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-64-86.compute-1.amazonaws.com
Software
/
Resource Hash
454b42f206d367d7be8f0b3f978ab7f28196f94e97fbade32ce8f377810e6faa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
etag
W/"6a2-zqIGE2/QKr/HWBZ4A7UKIQ"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type
content-length
1698
hadron.json
id.hadron.ad.gt/v1/ Frame E5B6
95 B
286 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=471&sync=0&domain=nypost.com&url=https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&ref=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&_it=amazon&partner_id=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f778755a7b055395a3fc786454b649f00a929c56c4415a2375cce4ae6f1b1dc0

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
80e581a2c97b9c07-FRA
config.json
player.adtelligent.com/exchange_rates/307824/ Frame 0F6D
2 KB
1 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fnypost.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
61b02317144b41f42e977342d66662dcc88a5e58590cd55022a693fe79fe439f

Request headers

Referer
https://p.medocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 30 Sep 2023 16:12:12 GMT
date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 12:01:19 GMT
server
nginx
etag
W/"65156b0f-84a"
content-type
application/json
access-control-allow-origin
https://p.medocdn.com
cache-control
max-age=86400
x-proxy-cache
HIT
config.json
player.adtelligent.com/exchange_rates/307824/ Frame FA0E
2 KB
1 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fnypost.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_12915.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
61b02317144b41f42e977342d66662dcc88a5e58590cd55022a693fe79fe439f

Request headers

Referer
https://p.flourstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 30 Sep 2023 16:12:12 GMT
date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
last-modified
Thu, 28 Sep 2023 12:01:19 GMT
server
nginx
etag
W/"65156b0f-84a"
content-type
application/json
access-control-allow-origin
https://p.flourstech.com
cache-control
max-age=86400
x-proxy-cache
HIT
state
api.btloader.com/mw/ Frame E5B6
0
11 B
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 16:12:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ Frame E5B6
43 B
372 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1895041
x-guploader-uploadid
ADPycdvof54aj3nJF9j2pFkT7XyFfMr2eTNswXxrgFKh1yS0BnLimqeYg1sKLzp2-QT788JsKH4W5KoT_pem8-HW54kFdsBXjpPW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2B4%2BITqTEeWSUYQqe3kDoFPYokRndTwO2sf1KbZ8YOuea%2BXQ3WN87RHMCFRrV4835d5KNJ98CbmkjpNsKNsLKSK%2FiuGRHHnuFkTe9WTGFLF3VlBuY%2FJT75GKF9v5hhxE7q8jDrJHr4vivF86rA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
80e581a1de442bfc-FRA
expires
Thu, 07 Sep 2023 18:11:29 GMT
favicon.ico
ad.doubleclick.net/ Frame E5B6
1 KB
170 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Sep 2023 09:21:02 GMT
px.gif
ad-delivery.net/ Frame E5B6
43 B
339 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.23491114180738015
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1895041
x-guploader-uploadid
ADPycdvof54aj3nJF9j2pFkT7XyFfMr2eTNswXxrgFKh1yS0BnLimqeYg1sKLzp2-QT788JsKH4W5KoT_pem8-HW54kFdsBXjpPW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHMOvnP5Sd0%2BVb7QRAPAjdU4JmlJE79VJjQ9oZdzn%2F1cBQe7UietJ5RuhNTH6bAtloQq5hLqmkbBKrdvTxEYB2ZBuYj%2FdcAjCJyxGYza8WB7IUYxCvTtF5AXq6ZJ0bhwJuwZFlRLAMa08SrXaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
80e581a1de492bfc-FRA
expires
Thu, 07 Sep 2023 18:11:29 GMT
px.gif
ad-delivery.net/ Frame 2057
43 B
339 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1895041
x-guploader-uploadid
ADPycdvof54aj3nJF9j2pFkT7XyFfMr2eTNswXxrgFKh1yS0BnLimqeYg1sKLzp2-QT788JsKH4W5KoT_pem8-HW54kFdsBXjpPW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=papz2%2F5kl1bYx4Znlp3Eu4T53pLRb9uooDenuEa8AjV9llPoSJNHLVx4Ds5gOowpSq%2BFQI2ts1k5T0ROvj%2BKTT995pPCEl%2FLKSRx%2BPsHU8qjDZJxDmo2ifkptOsudcfOli5Anyg5fYGTNmQYrw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
80e581a1de4a2bfc-FRA
expires
Thu, 07 Sep 2023 18:11:29 GMT
favicon.ico
ad.doubleclick.net/ Frame 2057
1 KB
165 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 09:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Sep 2023 09:21:02 GMT
state
api.btloader.com/mw/ Frame 2057
0
11 B
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=nypost.com&ver=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 16:12:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ Frame 2057
43 B
342 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.41999690873283924
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1895041
x-guploader-uploadid
ADPycdvof54aj3nJF9j2pFkT7XyFfMr2eTNswXxrgFKh1yS0BnLimqeYg1sKLzp2-QT788JsKH4W5KoT_pem8-HW54kFdsBXjpPW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWXRz6gwG1Q0WXllaSmAm3Pz35vGlIUIE9jNphya5VJdMust3wekfpZv%2FBXj8QRcz8cUbyoUH0kytvcCtTrKxTKxOpLGxGRSnQ%2FkJ%2Fvnk5rBUaa%2BgXPSJ%2BeHJuQJGnQY2qsKH2MbDjJffwcBJw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
80e581a1de4b2bfc-FRA
expires
Thu, 07 Sep 2023 18:11:29 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame E5B6
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Fri, 29 Sep 2023 16:27:12 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame 2057
190 B
393 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Fri, 29 Sep 2023 16:42:12 GMT
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=471&sync=0&domain=nypost.com&url=https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
80e581a208509c07-FRA
content-length
0
content-type
application/json
date
Fri, 29 Sep 2023 16:12:12 GMT
debug
OPTIONS block
expires
Sat, 28 Sep 2024 16:12:12 GMT
server
cloudflare
vendors-node_modules_spotim_notifications-bell_dist_notifications-bell_js-node_modules_spotim-be146c-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.84.8/
22 KB
7 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.84.8/vendors-node_modules_spotim_notifications-bell_dist_notifications-bell_js-node_modules_spotim-be146c-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.84.8/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b758a777aceb46ebbd79d05ec54618696182e0b29dd7dc679e0403f085cbcd4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:05:43 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
KO5G8yFwLB3lZ37sdfouTU3d8W9dxS4a
x-amz-cf-pop
FRA56-P6
age
1303590
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
6802
last-modified
Thu, 14 Sep 2023 14:02:35 GMT
server
AmazonS3
etag
"2a2ba2dce746d63e4c2ae22fe4d9e875"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
PIxx2GCLsT4Wc9w59vdIqng3WCUZbg1NGwRSZacT15slYBJAAHcwPQ==
conversation-component-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.84.8/
116 KB
31 KB
Script
General
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.84.8/conversation-component-bundle.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.84.8/conversation-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d45078a116638574e085806e50bed6d3c6976b816ba3031a3b427615eb5992f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 14:05:43 GMT
content-encoding
br
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-version-id
iYts_aHl9uY0cIwNaLE82iRiwgiLI6HQ
x-amz-cf-pop
FRA56-P6
age
1303590
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
31136
last-modified
Thu, 14 Sep 2023 14:02:35 GMT
server
AmazonS3
etag
"fc3ebd91a15cd83f1c92e140ee6bf856"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Mk6DLzwkOrc9mPpPPPz61EEbhzFLpOiBVol_14f0XlKRyncQPDOvHQ==
casale
match.adsrvr.org/track/cmf/ Frame F83E
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame F83E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRb3XP6crRPKPLFr5-UKNQAAFKIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDzlKQFYqsUdwZ6v2zkZEYM&google_cver=1
43 B
737 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDzlKQFYqsUdwZ6v2zkZEYM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BhyazqU4w%2B3%2BIUr4jC5Xx3wBWhhXVq1ecy12m4N9h3nR56jy5iL4t5df9QJwhkEnLHuR%2BfGjTFexhJ7bdlJv08CDLyWsNUvhTy4%2FCkl7eNMmMjSMcXRdx5zFwCgoDWkkz0WIaJ8lWNUJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80e581a558af3737-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDzlKQFYqsUdwZ6v2zkZEYM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F83E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRb3XP6crRPKPLFr5-UKNQAAFKIAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRb3XP6crRPKPLFr5-UKNQAAFKIAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRb3XP6crRPKPLFr5-UKNQAAFKIAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 16:12:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
98M9Q7FGCZWJ53YFZWFY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 16:12:12 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
44FK2HM4N47V31WY0D9D
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRb3XP6crRPKPLFr5-UKNQAAFKIAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F83E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZRb3XP6crRPKPLFr5.UKNQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAHZfJWCiRD3Vh0s8LRNRVg&google_cver=1&google_hm=2
43 B
732 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAHZfJWCiRD3Vh0s8LRNRVg&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2v5tZODslUKWtw%2FDHAtj4h3MP%2FUqqDJqtAjl6YRny1hQSZuZxc09Qftx894LPwC8FGOJG1x1PuA1jqVoP8rIvMdaEFHKM8SHdwTZHm8MFlc4lpv7O41Dj7B2NR3mo0nLxbfKHgJDoc4Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80e581a558b23737-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAHZfJWCiRD3Vh0s8LRNRVg&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F83E
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1711728732&external_user_id=3e67b57d-b538-42e7-aa54-5b6961447a04
43 B
730 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1711728732&external_user_id=3e67b57d-b538-42e7-aa54-5b6961447a04
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Z6N40NfCBfU6fvFRQYTLl6bbtf1tYELjuwuwn8iqr5b7SsndMCwovfz9UugIzed36scL2dwil3Uhcm12HhzySsfCKqwS%2FvDYg9GpgHbq%2BnpC41aFhF5ciMnmWggGakrFMh8CU6a43%2Ffew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80e581a599183737-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 29 Sep 2023 16:12:12 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1711728732&external_user_id=3e67b57d-b538-42e7-aa54-5b6961447a04
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
generic
match.adsrvr.org/track/cmf/ Frame F83E
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZRb3XP6crRPKPLFr5-UKNQAAFKIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=8d41efbda86fcf4263ca29ff1d2dff&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1b41_7284281978830239979&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OGQ0MWVmYmRhODZmY2Y0MjYzY2EyOWZmMWQyZGZm&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBIeW6FGADxPE1ioAP_y-yI&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:13 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 16:12:13 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1696003933248094-567
Expires
Fri, 29 Sep 2023 16:12:13 GMT
sync
x.bidswitch.net/ Frame F83E
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.55.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-55-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
sync
ssbsync.smartadserver.com/api/ Frame F83E
0
45 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
content-length
0
setuid
sync.ex.co/v1/ Frame F83E
86 B
444 B
Image
General
Full URL
https://sync.ex.co/v1/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=ZRb3XP6crRPKPLFr5.UKNQAA%265282
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
date
Fri, 29 Sep 2023 16:12:12 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png
usync.js
eus.rubiconproject.com/ Frame 17D6
35 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
07ad1a974c4743ab62ae8ea5c6f87c8ac1d7a5c2f56428a0b428bf7d709dc9ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17136&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:12 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Sep 2023 14:46:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81180
Connection
keep-alive
Content-Length
10475
Expires
Sat, 30 Sep 2023 14:45:12 GMT
usersync.aspx
dis.criteo.com/dis/ Frame E9A3
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 29 Sep 2023 16:12:12 GMT
expires
Fri, 29 Sep 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
198000
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 69D0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 29 Sep 2023 16:12:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Q4SFC670TPQDZMHTP6ST

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 29 Sep 2023 16:12:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Y2VTMJT1ZAF1YHXGZARR
Pug
image2.pubmatic.com/AdServer/ Frame 666D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9BZ7X6QUfwrvR3kIoBJnDfIQfFjvEyxb8UVCzh90
42 B
572 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9BZ7X6QUfwrvR3kIoBJnDfIQfFjvEyxb8UVCzh90
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 29 Sep 2023 16:12:12 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=9BZ7X6QUfwrvR3kIoBJnDfIQfFjvEyxb8UVCzh90
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 755C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7860270711371651961&gdpr=0&gdpr_consent=
42 B
446 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7860270711371651961&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
629c4296-924b-4d4e-ad01-7f8f947ffaa3
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:12 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7860270711371651961&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
185.213.155.151; 185.213.155.151; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame BA9A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284281421854144659&gdpr=0&gdpr_consent=
42 B
219 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284281421854144659&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Fri, 29 Sep 2023 16:12:12 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7284281421854144659&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
sync
x.bidswitch.net/ Frame CEBB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=fd4f3157-5bce-4a81-a780-10757656c34e&gdpr=0&gdpr_consent=
  • https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjc7tuoBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEPMgdZpe4hHusdoAJZDIJDeqAQhwdWJtYXRpY7IBJGZkNGYzMTU3LTViY2UtNGE4MS1hNzgwLTEwNzU3NjU2YzM0ZQ**
  • https://x.bidswitch.net/sync?dsp_id=476&user_id=f320759a-5ee2-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=fd4f3157-5bce-4a81-a780-10757656c34e
43 B
145 B
Document
General
Full URL
https://x.bidswitch.net/sync?dsp_id=476&user_id=f320759a-5ee2-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=fd4f3157-5bce-4a81-a780-10757656c34e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.55.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-55-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 29 Sep 2023 16:12:13 GMT

Redirect headers

Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Fri, 29 Sep 2023 16:12:12 GMT
Location
https://x.bidswitch.net/sync?dsp_id=476&user_id=f320759a-5ee2-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=fd4f3157-5bce-4a81-a780-10757656c34e
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame DB74
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=41f_7JLlUex_MN7O9nw-dbnVm5c&gdpr=0&gdpr_consent=
42 B
375 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=41f_7JLlUex_MN7O9nw-dbnVm5c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 29 Sep 2023 16:12:13 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=41f_7JLlUex_MN7O9nw-dbnVm5c&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 8E66
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
259 B
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRb3XAAQzh9rdABV
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 29 Sep 2023 16:12:13 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230078-FRA
x-timer
S1696003933.966958,VS0,VE90

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 29 Sep 2023 16:12:12 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZRb3XAAQzh9rdABV
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230078-FRA
x-timer
S1696003933.865381,VS0,VE94
/
csync.loopme.me/ Frame C61A
24 B
91 B
Document
General
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.145.249 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
249.145.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
89f2d4e6c7a6c41c13c2e7a75e526aa60b9d5274fe28b2d82801c6beb6beb879

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
24
content-type
text/plain
date
Fri, 29 Sep 2023 16:12:13 GMT
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 27FA
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHd19VN0tMZThBQUJnYVNSQ3dNZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAGw_U7KLe8AABgaSRCwMg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=6971442829193981175&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAGw_U7KLe8AABgaSRCwMg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D6971442829193981175%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=6971442829193981175&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGw_U7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGw_U7KLe8AABgaSRCwMg&gdpr=0&gdpr_consent=
42 B
199 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGw_U7KLe8AABgaSRCwMg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 29 Sep 2023 16:12:13 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGw_U7KLe8AABgaSRCwMg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
bridge
cm.adgrx.com/ Frame 5757
43 B
283 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Fri, 29 Sep 2023 16:12:12 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-9
Pug
image2.pubmatic.com/AdServer/ Frame EE32
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3b21b93bc5af4a11b196253722b18f5a
42 B
357 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3b21b93bc5af4a11b196253722b18f5a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:12 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU3b21b93bc5af4a11b196253722b18f5a
pragma
no-cache
server
Tengine
cm
ipac.ctnsnet.com/int/ Frame DB47
43 B
359 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 29 Sep 2023 16:12:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 75E8
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455421362072988
42 B
194 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455421362072988
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 29 Sep 2023 16:12:12 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5134455421362072988
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
image2.pubmatic.com/AdServer/ Frame 02ED
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1200975841872454649
42 B
195 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1200975841872454649
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1200975841872454649
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pubmatic
ad.mrtnsvr.com/sync/ Frame DD1E
332 B
482 B
Document
General
Full URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.163.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.163.102.34.bc.googleusercontent.com
Software
/
Resource Hash
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
content-type
text/html; charset=UTF-8
date
Fri, 29 Sep 2023 16:12:12 GMT
referrer-policy
no-referrer
cookiesync
core.iprom.net/ Frame A62C
43 B
279 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 29 Sep 2023 16:12:12 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-089704d81a1b@version_1.571v3
X-core-time
1ms
X-server-arch
v2
i.match
s.tribalfusion.com/z/ Frame 0FA9
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
438 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
80e581a5c8af9a18-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:13 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
80e581a49ef39a18-FRA
content-type
text/html
date
Fri, 29 Sep 2023 16:12:13 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
4951
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 3FEC
0
0

csync
sync.adtelligent.com/ Frame 134C
43 B
473 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 29 Sep 2023 16:12:12 GMT
Etag
a2ca1699388480ce
Server
Adtelligent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F203
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wQk21vxjSh2elD30Xy9vDg%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:13 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=167270
accept-ranges
bytes
content-length
5606
expires
Sun, 01 Oct 2023 14:40:03 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame F203
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.213.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-213-166.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.19.99
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame F203
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=883531833
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
0
284 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
via
1.1 google
last-modified
Fri, 29 Sep 2023 16:12:13 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
date
Fri, 29 Sep 2023 16:12:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame F203
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZDRnbEVDbVJjbU5TRUdOWVNNNng0TFlsUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6257942833171685156&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
HTTP/1.1
Server
54.197.82.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-82-124.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:13 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 29 Sep 2023 16:12:13 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame F203
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzEwOTM2RDYtRkM2My00QTFELTlFOTQtM0RGNDVGMkY2RjBF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F203
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELjlapJz6rrxx4ScRCirdOg&google_cver=1
42 B
266 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELjlapJz6rrxx4ScRCirdOg&google_cver=1
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELjlapJz6rrxx4ScRCirdOg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame F203
43 B
611 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 28 Sep 2023 16:12:12 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F203
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6257942833171685156
42 B
243 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6257942833171685156
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6257942833171685156
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame F203
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58292/ Frame F203
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F203
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E?gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
pixelSync
pixel-sync.sitescout.com/dmp/ Frame F203
0
187 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 29 Sep 2023 16:12:11 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame F203
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame F203
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3530635403919222325&gdpr=0&gdpr_consent=&us_privacy=
1 B
218 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3530635403919222325&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:12 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3530635403919222325&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame F203
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ab145284-6c76-46b2-aed2-d49edbefa6f8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ab145284-6c76-46b2-aed2-d49edbefa6f8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:ab145284-6c76-46b2-aed2-d49edbefa6f8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 29 Sep 2023 16:12:12 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame 2057
223 KB
65 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:51:49 GMT
server
Apache
etag
"37c41-60386a6319d17-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
66128
expires
Fri, 29 Sep 2023 16:27:12 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1B15
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=8d41efbda86fcf4263ca29ff1d2dff&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1b41_7284281978830276197&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=OGQ0MWVmYmRhODZmY2Y0MjYzY2EyOWZmMWQyZGZm&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBIeW6FGADxPE1ioAP_y-yI&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AAGw_U7KLe8AABgaSRCwMg&dataProviderId=817&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/8d41efbda86fcf4263ca29ff1d2dff?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-0wj3QphE2oMXTqMXH2tbWhRI5AVpjjKqwFlSuQvp~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
70 B
148 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 29 Sep 2023 16:12:13 GMT
server
Kestrel

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Fri, 29 Sep 2023 16:12:13 GMT
Expires
Fri, 29 Sep 2023 16:12:13 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Pragma
no-cache
Server
nginx
x-sticky-vk
1696003933115022-522
setuid
sync.ex.co/v1/ Frame C76E
86 B
522 B
Document
General
Full URL
https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=8d41efbda86fcf4263ca29ff1d2dff
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
content-length
86
content-type
image/png
date
Fri, 29 Sep 2023 16:12:12 GMT
vary
Origin
src_components_ReactionStatic_ReactionStatic_tsx.js
static-cdn.spot.im/production/reactions/tags/v4.3.2/
487 B
940 B
Script
General
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.3.2/src_components_ReactionStatic_ReactionStatic_tsx.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/reactions/tags/v4.3.2/reactions-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8bd5fd8845a565e4fa72bc926b9921bdbcf2312bd65b770e6492f198272804b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
BLR8A1hViyIEw6l27TGEwthY6Km1rwdt
date
Fri, 29 Sep 2023 00:48:41 GMT
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
55412
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
487
last-modified
Thu, 03 Aug 2023 12:07:35 GMT
server
AmazonS3
etag
"05e37924b466422ebe90c7c408d5c89a"
vary
Accept-Encoding, Origin
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
jtcZlJODX0kZPQfPeeOeivhxM9arLjyuGO6YIRXKTWYYeoutlZ-zQg==
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame E5B6
190 B
392 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:12 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Fri, 29 Sep 2023 16:42:12 GMT
6a1e0d2999d91f6db2aa.png
static-cdn.spot.im/production/reactions/tags/v4.3.2/
6 KB
7 KB
Image
General
Full URL
https://static-cdn.spot.im/production/reactions/tags/v4.3.2/6a1e0d2999d91f6db2aa.png
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de67ae51bc8d62963652060c12aa77245a10d5393eabd1642ae620dcb6884da7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
a1CjhAfB2EqNQNesSzyNxu5fgb36R_y0
date
Fri, 29 Sep 2023 03:04:39 GMT
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
47262
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
6243
last-modified
Thu, 03 Aug 2023 12:07:35 GMT
server
AmazonS3
etag
"d71b039b9e729e85c53e6423312ca068"
vary
Accept-Encoding, Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
O9x0AbndrMWADEa1dVdOBBB56iQ2QXMS0JMPZFX3cBj-pSm-0I2Chw==
lc8uuvm0xzvzwscijo1t
images.spot.im/image/upload/c_thumb,w_30,h_30,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/
861 B
1 KB
Image
General
Full URL
https://images.spot.im/image/upload/c_thumb,w_30,h_30,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/lc8uuvm0xzvzwscijo1t
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-64.muc50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
93cd827c07e1855b3c7f743bcb6036070724b44147d25573b7b99c0dd257c4d4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 13:29:20 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
5625772
x-cache
Hit from cloudfront
content-length
861
last-modified
Thu, 11 May 2023 10:10:21 GMT
server
Cloudinary
etag
"efe3d9de9cd57f61caeceab51666804e"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Lb_rxyHCrKwp8iVr-z5diRVlT2OQ6070erQkV8CEN1qkaU8qOU6fnw==
bzhu35ezdcgzqeuehbmy
images.spot.im/image/upload/c_thumb,w_25,h_25,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/
1 KB
2 KB
Image
General
Full URL
https://images.spot.im/image/upload/c_thumb,w_25,h_25,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/bzhu35ezdcgzqeuehbmy
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-64.muc50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
43323a5ceab22123c3d6180b3fe94101c256800a68bd0dad25f0a1233a647c4a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 20:10:07 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
331325
x-cache
Hit from cloudfront
content-length
1102
last-modified
Thu, 11 May 2023 11:12:52 GMT
server
Cloudinary
etag
"2b2c7c1465c096b284090d2db34ed165"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
wXG-hBPAfWVCiJRa5Qmf_B9VmZYbTENzOHRKFs67D2M71WzKOVBJ2w==
kwesohaa9eg9pw9fzfjf
images.spot.im/image/upload/c_thumb,w_25,h_25,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/
1018 B
2 KB
Image
General
Full URL
https://images.spot.im/image/upload/c_thumb,w_25,h_25,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/kwesohaa9eg9pw9fzfjf
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-64.muc50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
9a3669f459d0fbe742abd7ad5fca4221c9690e10119d1ee9e780c3c8cdb9f929
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 18:37:39 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
855273
x-cache
Hit from cloudfront
content-length
1018
last-modified
Thu, 11 May 2023 10:20:12 GMT
server
Cloudinary
etag
"f1ff64b081c74e8e3a2f2b4404944279"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
2H11Fb37JPpfeNm6HUkvHJSzcO5gx0v5PAF5svPfHTL1-pU7Qtfm6A==
pziolywekjvbyc8curpx
images.spot.im/image/upload/c_thumb,w_30,h_30,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/
1 KB
2 KB
Image
General
Full URL
https://images.spot.im/image/upload/c_thumb,w_30,h_30,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/pziolywekjvbyc8curpx
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-64.muc50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
1023d364c505b4fb36d0e10eb058b943c397980fb2b54bc1b20beb18625ca5d7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 03 Jul 2023 19:26:43 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
7591529
x-cache
Hit from cloudfront
content-length
1165
last-modified
Mon, 03 Jul 2023 19:12:05 GMT
server
Cloudinary
etag
"9952c8fb2e0dcd4e6fbc88d50dea3198"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
AAJxMoGOLqDOxE-Ii7H2QEjbimLoHMQThXP8mXD94PY7Uc8UBQkrwA==
o7brv97hb3qlkivnu9qj
images.spot.im/image/upload/c_thumb,w_30,h_30,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/
1001 B
2 KB
Image
General
Full URL
https://images.spot.im/image/upload/c_thumb,w_30,h_30,q_70,dpr_3,g_faces,f_png,fl_lossy,fl_png8/v200/p/u/o7brv97hb3qlkivnu9qj
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-64.muc50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
0c79040fb0175520636a0f21dfefe3944afb7b355b5c2851b3228ef8def9dd86
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 19:29:12 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
via
1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
5690580
x-cache
Hit from cloudfront
content-length
1001
last-modified
Sat, 10 Jun 2023 18:18:14 GMT
server
Cloudinary
etag
"d1adba5bb7fab70765b0735ea5f438fe"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ahSi_gsOzxu2AN59nyPgKPTq4oiIs0UgxY7AntYe7FhpkAdUscx6Pw==
openweb-symbol-v2.svg
static-cdn.spot.im/production/icons/custom/
6 KB
3 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/icons/custom/openweb-symbol-v2.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.84.8/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-2fa6b8-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecb21ebdf48e900b241c017a3a5991c54f291038c4b71ae9c65ceadc0a0c6e7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
a4LwvXxBiI2uL8zrMqiGV0xmsVieM496
content-encoding
br
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 02:46:56 GMT
last-modified
Wed, 19 Jan 2022 13:40:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
48317
etag
W/"09ba69b6c3a7136d63fe98562c0114af"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-replication-status
COMPLETED
x-amz-cf-id
CfJO092f4GOA-cX0-nxAAAI1A3iYPx-h4hsHnJ4gfkuzLUv9s8kRMg==
openweb-text-v2.svg
static-cdn.spot.im/production/icons/custom/
4 KB
2 KB
Fetch
General
Full URL
https://static-cdn.spot.im/production/icons/custom/openweb-text-v2.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.84.8/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-2fa6b8-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd5f99b359e7415612cfdb97fb432b570af813d582919d6cea3692bdcb7e5d0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
tIeb0BF074BwTuW6cmg0uAMaxL6ImEvW
content-encoding
br
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 06:40:39 GMT
last-modified
Wed, 19 Jan 2022 13:40:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
34294
etag
W/"9fc6e633e804dd0fd3d6d352bac7c139"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-replication-status
COMPLETED
x-amz-cf-id
yu7JzcmtMs9e7jyWiWYn6-38NlLB3BdrTm5gN7qvFHSCaWu5ZSD1Cw==
471
a.ad.gt/api/v1/u/matches/ Frame E5B6
12 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/471?_it=amazon
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847efd8452d7e9d77b47b0a9c9f871dbcac82f17e8a836197e7f34d950679ec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:13 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 29 Sep 2023 16:09:46 GMT
server
cloudflare
age
147
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
80e581a56ef39000-FRA
read
api-2-0.spot.im/v1.0.0/conversation/realtime/
8 KB
3 KB
Fetch
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.11.5/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
5202763d90c21f7302a1e54799ba58b53c0d6a5c2551b75a239463349c0df237
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
x-post-id
28903831
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_Sx8YukwE
x-spotim-page-view-id
6198326e-04fd-449f-9ad6-65ceed664b52
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfcEk2cFBucksxeW8zIiwiZGlzcGxheV9uYW1lIjoiQ3lhblBpbiIsInVzZXJfbmFtZSI6IkN5YW5QaW4iLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjQ3lhbi1QaW4iLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjk2MDAzOTMwLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTI5b2I1ODJSLjMzMGJmZDM3ZTdiOTg0NzhkZDgxMWE3NTdjZjAzZjc3N2I3MmE2NTI3MjIyZjJkNzMyMThiYzIxOWZjNWMwMzYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOUx3T01JZHo3Z3ozRDBrYXZwTDIiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzI0NDI1OTMwLCJzdWIiOiJ1X3BJNnBQbnJLMXlvMyJ9.uvJSnqLNyWQjz6-72a5hNTFUVPjJYY8xN1NHDb3yaPs

Response headers

date
Fri, 29 Sep 2023 16:12:13 GMT
content-encoding
gzip
x-spotim-device-uuid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
via
1.1 67b5b59d34e71a36a3955bf957ea9ed2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
x-spotim-networkid
net_nypost
x-spotim-token
01230929ob582R.330bfd37e7b98478dd811a757cf03f777b72a6527222f2d73218bc219fc5c036
x-request-id
f366d8fe-5ee2-11ee-b716-7aa2721be254
x-guid
02e9dadc-4ebb-4ba1-9543-548cf0cd031c
server
fasthttp
x-spotim-device-v2
d_9LwOMIdz7gz3D0kavpL2
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
x-amz-cf-id
85hNGYIytOLH2mwuI_-OZ4pQtTluQV4cBbnos50uNcgAWEhHCF1tAg==
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ Frame
0
0
Preflight
General
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-9.muc50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Fri, 29 Sep 2023 16:12:13 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 bc8243121fd94c5b2714caac07caccde.cloudfront.net (CloudFront)
x-amz-cf-id
Y0zU2iCLluvedeqcZCIH80H3laFT8LmsSTW0bCtkJbDZK0XR5KVnVA==
x-amz-cf-pop
MUC50-P3
x-cache
Miss from cloudfront
starti
s-13.channelexco.com/ppx/
0
109 B
Image
General
Full URL
https://s-13.channelexco.com/ppx/starti?sid=&domain=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F&se=84ee1001-4473-4c0b-ad51-0042f181547d&pv=117.59&dd=nypost.com&gpvck=v022826673__734x412______DEF__nil__432&sa=shd&s=0.0&p=2146685549&cb=1696003933072
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.7.241 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
server
openresty
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame E5B6
223 KB
65 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:13 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:51:49 GMT
server
Apache
etag
"37c41-60386a6319d17-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
66128
expires
Fri, 29 Sep 2023 16:27:13 GMT
prebid
exchange.postrelease.com/ Frame 2057
0
388 B
XHR
General
Full URL
https://exchange.postrelease.com/prebid?us_privacy=1---&ntv_gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&ntv_ptd=1163444&ntv_pas=eyIxMTYzNDQ0IjpbWzMzNiwyODBdLFszMjAsMjUwXSxbMzAwLDI1MF1dLCJsZW5ndGgiOjF9&ntv_pb_rid=19a2f74617e8ca&ntv_ppc=W3siYWRVbml0Q29kZSI6ImRpdi1ncHQtYWQtMTY4OTI1NzQwMjA5OS0wIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzM2LDI4MF0sWzMyMCwyNTBdLFszMDAsMjUwXV19LCJuYXRpdmUiOnsic2VuZFRhcmdldGluZ0tleXMiOmZhbHNlLCJ0eXBlIjoiaW1hZ2UifX19XQ==&ntv_dbr=eyJkaXYtZ3B0LWFkLTE2ODkyNTc0MDIwOTktMCI6MH0=&ntv_url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.141.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-141-48.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
v1
btlr.sharethrough.com/universal/ Frame 2057
0
154 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.4.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-4-235.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:13 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ Frame 2057
0
153 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.4.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-4-235.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:13 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
/
ghb.adtelligent.com/v2/auction/ Frame 2057
277 B
537 B
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7440e8b439114bd810cc553e4770cf1ee02cbe18a341308fa8a061f8a603379

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 29 Sep 2023 16:12:12 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
232
translator
hbopenbid.pubmatic.com/ Frame 2057
0
109 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:11 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 2057
536 B
611 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&PageUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&PageReferrer=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&CanonicalUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
3f451e672a850645dcf5d37357e5539a5f1a9e7706bd7e56bf54c86e259abc4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
97
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
536
expires
0
prebid
ib.adnxs-simple.com/ut/v3/ Frame 2057
478 B
1 KB
XHR
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
61be8120bde3bc16b93aaf499bc340bdf7004e06470265496d9440d1fe13e1df
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
an-x-request-uuid
2fb56d8d-c6f7-434c-abbb-b6ca2c3cfa4b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.151; 185.213.155.151; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length
478
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 2057
171 B
552 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame 2057
171 B
552 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 2057
94 B
496 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.37.4
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
8a02bd84c6ebda2ceeed45b34a3789a6d45755625f9462b9ee9d2b97e1bd6d5a

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 29 Sep 2023 16:12:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 2057
180 B
524 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&PageUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&PageReferrer=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&CanonicalUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
ba658a8a1ab304bb96e44762d5ac24306415cae45145d34f68e51d97fcc77aa1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
180
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2057
737 B
942 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=322812&zone_id=1676640&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=037b29b4-bd67-4367-80e5-b47965941b8e%5E1&eid_spotim.market=02e9dadc-4ebb-4ba1-9543-548cf0cd031c%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&kw=Business%2CNews%2Cluxuryrealestate%2Cmansions%2Crussia%2Csanctions%2Cuppereastside&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=e72f7eaa-d232-427b-bf21-cc9137b6bdd0&l_pb_bid_id=337d6d16dd0a7e5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&slots=1&rand=0.9677555913442135
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
54333c7be622a36ac4fb92c7f364a37a5f9ef971995734c7da29c6ec387e762c

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
737
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2057
736 B
770 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=037b29b4-bd67-4367-80e5-b47965941b8e%5E1&eid_spotim.market=02e9dadc-4ebb-4ba1-9543-548cf0cd031c%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&kw=Business%2CNews%2Cluxuryrealestate%2Cmansions%2Crussia%2Csanctions%2Cuppereastside&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=e72f7eaa-d232-427b-bf21-cc9137b6bdd0&l_pb_bid_id=34d7f6c1b511bac&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&slots=1&rand=0.515310795420844
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
43414abf66f6cad9a445349ac63d11bc30ccb777f3e90778871d2cf04c02b347

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
736
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2057
737 B
771 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2223316&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=037b29b4-bd67-4367-80e5-b47965941b8e%5E1&eid_spotim.market=02e9dadc-4ebb-4ba1-9543-548cf0cd031c%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&kw=Business%2CNews%2Cluxuryrealestate%2Cmansions%2Crussia%2Csanctions%2Cuppereastside&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=e72f7eaa-d232-427b-bf21-cc9137b6bdd0&l_pb_bid_id=353c90d975b6ba1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&slots=1&rand=0.916033699564033
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ac018d5d233d03ec7c73ba5688651fab1ca5f86edc83c1232a9af74566e43916

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
737
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2057
737 B
771 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418298&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=037b29b4-bd67-4367-80e5-b47965941b8e%5E1&eid_spotim.market=02e9dadc-4ebb-4ba1-9543-548cf0cd031c%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&kw=Business%2CNews%2Cluxuryrealestate%2Cmansions%2Crussia%2Csanctions%2Cuppereastside&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=e72f7eaa-d232-427b-bf21-cc9137b6bdd0&l_pb_bid_id=3694e5fcc65a041&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&slots=1&rand=0.5461717707723532
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7d5a3924c6546efea587495ce9f84a87a8ed023b78d6a0fef51820cc345df574

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
737
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2057
737 B
771 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418378&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=037b29b4-bd67-4367-80e5-b47965941b8e%5E1&eid_spotim.market=02e9dadc-4ebb-4ba1-9543-548cf0cd031c%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&kw=Business%2CNews%2Cluxuryrealestate%2Cmansions%2Crussia%2Csanctions%2Cuppereastside&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=e72f7eaa-d232-427b-bf21-cc9137b6bdd0&l_pb_bid_id=37bdaf7a2bb417&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&slots=1&rand=0.3976461908838649
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
47267395fc8cdbe309dd372de472394a0c352a4fc57d12633980ded225de29a1

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
737
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 2057
737 B
771 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2498916&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=037b29b4-bd67-4367-80e5-b47965941b8e%5E1&eid_spotim.market=02e9dadc-4ebb-4ba1-9543-548cf0cd031c%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&kw=Business%2CNews%2Cluxuryrealestate%2Cmansions%2Crussia%2Csanctions%2Cuppereastside&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=e72f7eaa-d232-427b-bf21-cc9137b6bdd0&l_pb_bid_id=3884d6ad5b387e7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FReactions%2FReact-NYPost%23div-gpt-ad-1689257402099-0&slots=1&rand=0.9833145242432333
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a86707f70496ec86f0f21890114c2d01106442c2f4c800a824eeb1c1abe127b4

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
737
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 2057
0
189 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.4&cb=71598972809&lsavail=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:12 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
prebid.media.net/rtb/ Frame 2057
32 B
426 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU816538
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 29 Sep 2023 16:12:13 GMT
prebid
ib.adnxs-simple.com/ut/v3/ Frame 2057
144 B
709 B
XHR
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
325210cb9291770a99915cd990dfcabdb88b6d861fc0b14a11c475a62953d2d0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
an-x-request-uuid
30f81282-9d2f-4602-b0c6-9b955376efeb
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.151; 185.213.155.151; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 2057
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:13 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ Frame 2057
0
53 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
ghb1.adtelligent.com/v2/auction/ Frame 2057
5 KB
1 KB
XHR
General
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
0c04ba6a26cf1696dc854f4c78e3fceec5dc0d563d40e0be41a756015efc576d

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 29 Sep 2023 16:12:12 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1093
pbjs
htlb.casalemedia.com/openrtb/ Frame 2057
3 KB
2 KB
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=494467
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b216eb91f29834ac3ccb069f360adaee3a6fda00dba7f9fb69359e21450c4d

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FEEjfw1z2a8M7CIkH7HUGpz8FjQgW5Ve6L2BuV9mEHWCYNbvznI2kYgygB1mhUaMK6VV%2Bb69aV71vxDP4fBexj3%2BH2kAK5au2QPjx0mIJOSN%2BaYv0mB8iUHoIGj%2B6kZ02hW6y3A2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80e581a6bf4b9b94-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 2057
37 B
501 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=494467
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b96c86bb64d2324ce169c3da60d77c897f2afe47fa535f0d95affaf40e7ce9

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrniLp1wT3lJDJ3Cm68q5nd%2F%2FYIkPMdXAFv3FZkX0IEpERIDpKC9fceQbyWDeFqD%2FT67qNEwPs63c3ueRXoZGteWco0o3gb%2FWYaB6iICMpFJcY9zeYMe6TbUF5e2jyj52yy1is0K"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80e581a6bf4a9b94-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 29 Sep 2023 16:12:13 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 2057
0
158 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://nypost.com
pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 29 Sep 2023 16:12:13 GMT
prebid
prebid.media.net/rtb/ Frame E5B6
32 B
116 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU816538
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 29 Sep 2023 16:12:13 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E5B6
737 B
771 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=322812&zone_id=1676640&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=037b29b4-bd67-4367-80e5-b47965941b8e%5E1&eid_spotim.market=02e9dadc-4ebb-4ba1-9543-548cf0cd031c%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&kw=Business%2CNews%2Cluxuryrealestate%2Cmansions%2Crussia%2Csanctions%2Cuppereastside&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=cdae2a5e-e15c-4a72-8319-b679a4094060&l_pb_bid_id=4ac2ebb7a7f009&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&slots=1&rand=0.7427201351778947
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3718964d6f6f2a20648f65c484cc413d0e7bbcbe4b535f1bc758c0de38ffc58e

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
737
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E5B6
736 B
770 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=037b29b4-bd67-4367-80e5-b47965941b8e%5E1&eid_spotim.market=02e9dadc-4ebb-4ba1-9543-548cf0cd031c%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&kw=Business%2CNews%2Cluxuryrealestate%2Cmansions%2Crussia%2Csanctions%2Cuppereastside&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=cdae2a5e-e15c-4a72-8319-b679a4094060&l_pb_bid_id=5ef0f8c17224db&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&slots=1&rand=0.5422089206454583
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b44411181077cce0f861119a06b55fdb17d4df85ddf5da67be9710bdbfef9dbd

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
736
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E5B6
737 B
771 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2223316&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=037b29b4-bd67-4367-80e5-b47965941b8e%5E1&eid_spotim.market=02e9dadc-4ebb-4ba1-9543-548cf0cd031c%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&kw=Business%2CNews%2Cluxuryrealestate%2Cmansions%2Crussia%2Csanctions%2Cuppereastside&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=cdae2a5e-e15c-4a72-8319-b679a4094060&l_pb_bid_id=669b3705524cd2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&slots=1&rand=0.9643122862070033
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
030531146db3fd4d90ad1744a8cfb6c95b68b4f5edf7c0f2c39471d5828d95fd

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
737
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E5B6
737 B
771 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418298&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=037b29b4-bd67-4367-80e5-b47965941b8e%5E1&eid_spotim.market=02e9dadc-4ebb-4ba1-9543-548cf0cd031c%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&kw=Business%2CNews%2Cluxuryrealestate%2Cmansions%2Crussia%2Csanctions%2Cuppereastside&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=cdae2a5e-e15c-4a72-8319-b679a4094060&l_pb_bid_id=7e03210cd1d5f9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&slots=1&rand=0.7590833596194164
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
640048af1af0b618e31f514121b02daccf0517a11051eeedea0f913563685c1d

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
737
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E5B6
737 B
771 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418378&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=037b29b4-bd67-4367-80e5-b47965941b8e%5E1&eid_spotim.market=02e9dadc-4ebb-4ba1-9543-548cf0cd031c%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&kw=Business%2CNews%2Cluxuryrealestate%2Cmansions%2Crussia%2Csanctions%2Cuppereastside&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=cdae2a5e-e15c-4a72-8319-b679a4094060&l_pb_bid_id=80deb7708d4a6d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&slots=1&rand=0.57419152857676
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b83f486ed0ec7d4240039724bca54ece8d33e01032819cf924a98845f8a4e65d

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
737
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E5B6
737 B
771 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2435342&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=037b29b4-bd67-4367-80e5-b47965941b8e%5E1&eid_spotim.market=02e9dadc-4ebb-4ba1-9543-548cf0cd031c%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&kw=Business%2CNews%2Cluxuryrealestate%2Cmansions%2Crussia%2Csanctions%2Cuppereastside&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=cdae2a5e-e15c-4a72-8319-b679a4094060&l_pb_bid_id=91e9209e696319&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&slots=1&rand=0.8537659096713335
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8c228f1f2dd8352fd25d03f26e26e0048593ea2af30ed2026fba25b25c274cc3

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
737
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E5B6
737 B
771 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2498916&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_Sx8YukwE,1,,,&eid_pubcid.org=037b29b4-bd67-4367-80e5-b47965941b8e%5E1&eid_spotim.market=02e9dadc-4ebb-4ba1-9543-548cf0cd031c%5E1&rf=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&kw=Business%2CNews%2Cluxuryrealestate%2Cmansions%2Crussia%2Csanctions%2Cuppereastside&tg_i.page=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tg_i.domain=nypost.com&tg_i.pbadslot=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&tk_flint=pbjs_lite_v7.37.4&x_source.tid=cdae2a5e-e15c-4a72-8319-b679a4094060&l_pb_bid_id=105e66289a3ebf9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C5850%2FIndependent%2FInd-NYpost%23div-gpt-ad-1649081769412-0&slots=1&rand=0.49951651299150646
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a2a699dcc9180e1dae09fd2eb7cf3ccf622aee47b8f7e8e0b85472715141728f

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
737
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame E5B6
0
157 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://nypost.com
pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame E5B6
0
188 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.4&cb=40733037013&lsavail=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:12 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
exchange.postrelease.com/ Frame E5B6
0
389 B
XHR
General
Full URL
https://exchange.postrelease.com/prebid?us_privacy=1---&ntv_gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&ntv_ptd=1163444&ntv_pas=eyIxMTYzNDQ0IjpbWzMwMCwyNTBdLFszMjAsMjUwXSxbMzM2LDI4MF1dLCJsZW5ndGgiOjF9&ntv_pb_rid=15dd5ad1f75780f&ntv_ppc=W3siYWRVbml0Q29kZSI6ImRpdi1ncHQtYWQtMTY0OTA4MTc2OTQxMi0wIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF0sWzMyMCwyNTBdLFszMzYsMjgwXV19LCJuYXRpdmUiOnsic2VuZFRhcmdldGluZ0tleXMiOmZhbHNlLCJ0eXBlIjoiaW1hZ2UifX19XQ==&ntv_dbr=eyJkaXYtZ3B0LWFkLTE2NDkwODE3Njk0MTItMCI6MH0=&ntv_url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.141.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-141-48.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame E5B6
713 B
765 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&PageUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&PageReferrer=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&CanonicalUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
b2137a0531aee2feb41bf3fd77785e95ca5190031f363916bfc03e403c4b0776
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
314
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
713
expires
0
prebid
ib.adnxs-simple.com/ut/v3/ Frame E5B6
144 B
709 B
XHR
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
a8afcbd9e92c09144d53bccea66284b3a2f856a41ce5b89c9f389118803c6308
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
an-x-request-uuid
aaf00255-fd1d-4a07-b17b-bc63a8d21616
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.151; 185.213.155.151; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
content-length
144
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame E5B6
0
53 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame E5B6
6 KB
2 KB
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=494467
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb48b269b79ac59ddbea2dee0a765a3bc0a288407d3b4eb29dcc5d033e5644cd

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWBAI1J2%2BdNGMWbmeo4Jssy%2FuQ3gcJrPOpI7uHh5rRv750jmePYJJ%2FZO9irh772wMRU83zD4G5gtEJ%2Fsb%2FyRfrIJtUfBECseizxTcL3NzOtneM0tCbEhYKA4uybHRqBIUDZXAeVD"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80e581a71fe39b94-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame E5B6
37 B
479 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=494467
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f8bdd2860508e659018ba2e7bc7852430cb38f3fb8a5f569b5cac2c69aa464

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v999pmvdPh10V5kqnPt6cufmMgIsqHA7ObcBYrRgawc7JyiCkJWq9LmKFhdN1%2BQlxTKr%2BSOGanzHKW1Mq5%2FswdDdf4JqqZLvd0wedeAsbti4dY6Mhx4ssbduYJqBUn3B6v9GDYf0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80e581a70aee3737-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
bid
ap.lijit.com/rtb/ Frame E5B6
94 B
496 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.37.4
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
15ea084e1d3886d7df928e78e2b7208fc23ac4b363352824e0916acbb0aaea22

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 29 Sep 2023 16:12:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
/
ghb.adtelligent.com/v2/auction/ Frame E5B6
278 B
537 B
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
a8b23a89b139fd8729b35c9d1e815aaafc64c50183b7f6ab8e96b852ccc3f0e3

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 29 Sep 2023 16:12:13 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
232
v1
prg.smartadserver.com/prebid/ Frame E5B6
171 B
552 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame E5B6
0
332 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
auction
tlx.3lift.com/header/ Frame E5B6
19 B
260 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.37.4&referrer=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tmax=2000&gdpr=true&cmp_cs=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.77.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-77-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs-simple.com/ut/v3/ Frame E5B6
582 B
846 B
XHR
General
Full URL
https://ib.adnxs-simple.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
889403529893a9441dc4cf99ec62839a7858af5c530792251f4f55bfeed005e0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
content-encoding
gzip
an-x-request-uuid
bf53f18e-c067-40a4-92b1-231442707e13
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.151; 185.213.155.151; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs-simple.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame E5B6
180 B
230 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&PageUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&PageReferrer=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&CanonicalUrl=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
fda07832cf52e1ed900551b9b261264ca518659bb082558168a96a70daca257e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:12 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
180
expires
0
/
ghb1.adtelligent.com/v2/auction/ Frame E5B6
5 KB
1 KB
XHR
General
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
be475e761c185d573a25060b95bc94860ef67454dc13e9ddd0a37c91b357f847

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 29 Sep 2023 16:12:12 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://nypost.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1112
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame E5B6
0
173 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:13 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
v1
btlr.sharethrough.com/universal/ Frame E5B6
0
153 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.4.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-4-235.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:13 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ Frame E5B6
0
153 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.4.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-4-235.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:13 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
1634761309152.gif
static-cdn.spot.im/custom-content/sp_Sx8YukwE/
68 KB
69 KB
Image
General
Full URL
https://static-cdn.spot.im/custom-content/sp_Sx8YukwE/1634761309152.gif
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
65c87f9d5c30c6601a4b9fc762d8eb32d0a71e98a8cdcd8067d455a666ad0105

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
.xZvdxtZnfn94fuT_axR3YMtDGupQa1e
date
Fri, 29 Sep 2023 05:31:37 GMT
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
38445
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment
content-length
69884
last-modified
Wed, 20 Oct 2021 20:21:53 GMT
server
AmazonS3
etag
"de4441b84165d2571e229cb81b8ed242"
vary
Accept-Encoding, Origin
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
43do0o7gUlM8Wu_NAsPLw_M3nZ4uG5FLrIH4ogg1KxdjpAeI6qs7zA==
1634761326900.gif
static-cdn.spot.im/custom-content/sp_Sx8YukwE/
53 KB
53 KB
Image
General
Full URL
https://static-cdn.spot.im/custom-content/sp_Sx8YukwE/1634761326900.gif
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d49584dcaa26f57619b1b8889b19f06de1f405727a24d1ff0014ee90c23cfce4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
SXoN5D_DTPzdlY7SWVzYiq_5Ao0O3rso
date
Fri, 29 Sep 2023 05:29:48 GMT
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
38562
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment
content-length
54160
last-modified
Wed, 20 Oct 2021 20:22:11 GMT
server
AmazonS3
etag
"7719e4dc5a497e82224715d0ba16fde6"
vary
Accept-Encoding, Origin
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
ik3VC_Djh1EooHhw8X1Jq-k6aNodA0gFGR74qvAXqTMavroMRFNs5Q==
1634761378239.gif
static-cdn.spot.im/custom-content/sp_Sx8YukwE/
24 KB
25 KB
Image
General
Full URL
https://static-cdn.spot.im/custom-content/sp_Sx8YukwE/1634761378239.gif
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-85.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8380835944c57e7b27710d30e02cc3e60f942c3fa12e5b5e7b5ac5c39e4e10db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
D_mRi0vgTwVGKMb6ZGxKRk6.KhkileAb
date
Fri, 29 Sep 2023 04:54:36 GMT
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
40662
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment
content-length
24805
last-modified
Wed, 20 Oct 2021 20:23:02 GMT
server
AmazonS3
etag
"19af74410a011f8b2e640f8cfac719fe"
vary
Accept-Encoding, Origin
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
XflKFuptf5KwHu8befV00gE2ZY9FsBRKt7v-5tpC3Hff77PX1xSIbA==
c
prebid.a-mo.net/a/ Frame FA0E
0
221 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_12915.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.flourstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.flourstech.com
date
Fri, 29 Sep 2023 16:12:13 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
25
server
envoy
vary
origin, Accept-Encoding
ROS
pbjs.e-planning.net/hb/1/2e43c/1/nypost.com/ Frame FA0E
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/nypost.com/ROS?rnd=0.8658923315830938&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fnypost.com&pbv=7.37.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/nypost.com/ROS?ct=1&r=pbjs&rnd=0.8658923315830938&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fnypost.com&pbv=7.37.4&ncb=1&vs=F&crs=UTF-8&fr=h...
293 B
708 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/nypost.com/ROS?ct=1&r=pbjs&rnd=0.8658923315830938&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fnypost.com&pbv=7.37.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fnypost.com&ccpa=1---&e_pubcid=50f944ea-d50e-44d6-860a-4d3e21292b0e
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
3ae502bfe86929d2c34ca94df37c8948e285bfc69de4518de65fec09099dd509

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.flourstech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Fri, 29 Sep 2023 16:12:13 GMT
date
Fri, 29 Sep 2023 16:12:13 GMT
server
openresty
content-type
application/json
access-control-allow-origin
https://p.flourstech.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
293
x-sid
AMS-919

Redirect headers

date
Fri, 29 Sep 2023 16:12:13 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2e43c/1/nypost.com/ROS?ct=1&r=pbjs&rnd=0.8658923315830938&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fnypost.com&pbv=7.37.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fnypost.com&ccpa=1---&e_pubcid=50f944ea-d50e-44d6-860a-4d3e21292b0e
access-control-allow-origin
https://p.flourstech.com
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-919
ROS
pbjs.e-planning.net/hb/1/2e43c/1/nypost.com/ Frame 0F6D
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/nypost.com/ROS?rnd=0.7296534256121572&e=300x250_0%3A300x250%2C320x250%2C336x280&ur=https%3A%2F%2Fnypost.com&pbv=7.37.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/nypost.com/ROS?ct=1&r=pbjs&rnd=0.7296534256121572&e=300x250_0%3A300x250%2C320x250%2C336x280&ur=https%3A%2F%2Fnypost.com&pbv=7.37.4&ncb=1&vs=F&crs=UTF-8&fr=h...
293 B
706 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/nypost.com/ROS?ct=1&r=pbjs&rnd=0.7296534256121572&e=300x250_0%3A300x250%2C320x250%2C336x280&ur=https%3A%2F%2Fnypost.com&pbv=7.37.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fnypost.com&ccpa=1---&e_pubcid=8eba09cb-d971-4142-b534-751f5aec3f43
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
3ae502bfe86929d2c34ca94df37c8948e285bfc69de4518de65fec09099dd509

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires
Fri, 29 Sep 2023 16:12:13 GMT
date
Fri, 29 Sep 2023 16:12:13 GMT
server
openresty
content-type
application/json
access-control-allow-origin
https://p.medocdn.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
293
x-sid
AMS-919

Redirect headers

date
Fri, 29 Sep 2023 16:12:13 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2e43c/1/nypost.com/ROS?ct=1&r=pbjs&rnd=0.7296534256121572&e=300x250_0%3A300x250%2C320x250%2C336x280&ur=https%3A%2F%2Fnypost.com&pbv=7.37.4&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fnypost.com&ccpa=1---&e_pubcid=8eba09cb-d971-4142-b534-751f5aec3f43
access-control-allow-origin
https://p.medocdn.com
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-919
auction
rtb.adxpremium.services/openrtb2/ Frame 0F6D
2 KB
2 KB
XHR
General
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
60d56ed4cc823762dbad40b479e1104c44c3fc0372a48e2d2aefe54894e3f376

Request headers

Referer
https://p.medocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 16:12:13 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://p.medocdn.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1868
Expires
0
cdb
bidder.criteo.com/ Frame 0F6D
0
191 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.4&cb=69532615897&lsavail=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.medocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.medocdn.com
date
Fri, 29 Sep 2023 16:12:13 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
openrtb
adx.adform.net/adx/ Frame 0F6D
0
622 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://p.medocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://p.medocdn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
khaos.json
token.rubiconproject.com/ Frame 17D6
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
rtb_vast_proxy
p.channelexco.com/
60 B
433 B
XHR
General
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=eWggSnE5W14nLThbYj5FcKjAkz4ZCVAk1QK8iJh1yhHYeKnw1y-aec2SC3AmT0PDTyiVVppr4rv74rRH_q5o6Vjjt86bs8WlZaV8JuVzlppa5yd9M85ISqg6-QkJyLpj-0vigV2xOKsPw5LDa9EUntRGCuMCt2XNDXuxA-wty48eXbakkojTRmMzqesEaJdkul7Wg958wTq55Gk-a3090Qq7yjBBLjeyGJH6HmL7EFHsAWCB4BnMNn9AW8Eb9eU8lPjcdedoKXsAo0k6n32DsWqOankOm5YHWIiOPV5ph04m64kI2JV71y-cDj1TPeJJnHEFcGpNjt0jFC15jJDtfZx2jZ7hRT3_PwOr0xd8D9Uq4rQx0CKGPl1JzOOTDefxb6cRdW7TW8HJB5P-JImZmZ2NVYdTheWK_KyUpz9q7UgqhiAxvEsx5-5PuilVvTRZTHvkVVLlZfvYwnQAoHOwSGaPBxv0V0HfHrkm22ZTK47js9hwE20zaQHLimgi6SI7wllBSxYIZJ5UO8q_KHG4pBU1ySRAbb99dEohWSpB3zuvvZ-AK5vC_PVtVCDJtmie6Y5VkqO5Fd67u2ZfN98Odty43onAysFOypZ7JC0Bz-yqd5hi_p6iYlrgDqGg4J9ukJ5cWbtwowALmzHO3erX7pzCHP2DO06grKzTht_s77Y82bXbUNpvRRMSrrZmr4RwZVBpBD4cKfIPkyH_2ph5u6Si6Ntx6tn4habp8SE1q1OuyQTqzT8TKJ2a5iOq3GOYcu1CwtWJUHLQjJJthuUI46xbb8XYQUW79G176CFo0U5IyONac1dY1RYFS35znFzsZA4zWOunQfRNOfkacK3Wv_uWMHPllj0WACdpU0vN4e5Gm1SJg3h8EHaxL0DgtsjftuKY4YJwOZFanRDX-L35mnSX36VLrqz7M-2XnURppdVyb2_tr3Y_yBEM4NQAXww104NiI8oNnKTREsNcvBPhfTmtIUijhy54SvOJu7am-tni_EPWbO-dMpXk0TnPBl-PfBfcQ3HD2xWDRrbEBDigglT1GNh-Wisj8_niujCd_-ZeJIeZg-E60rP5V5U77hJPuYPFdp55F9w1nSTrwEpMk3htFeIYozsI-oMN3sojwobL3kH0NevZOsnQOgCSohhkOnEJb_VeHTM31rTCnivWyG5nEIkp0yP1h5HWdWO4wzeE5N2pU8eBCf_p5pGHZ3Ar-ZZFahagBjUuyi_2Iens2s-YGNllY6XMAn4m0updr_2fHqxzd6eRR-uQH7ZEnXlyGfhXHLJku2vmWioDZ3E8Mfg9sPwMXkeQvOo1Y1u74gT_EdPyqHuOT9FpdjYg8ymQNRMKLZ8WvKm_bgO1hOhiVAjRHu_lhVG13Ohowz6KE01Sn2MBsfq6-uoeB16YgOxChWBa0Z02MqNufJT8Etq_1bg-4DgCSdhbqxhkh4sM8WaAI3Qcqw-pSk1mjwI62ZSCMSEzpxCsJ47-s1OGv8yy1JBJec1lCDEAimNOY9Pth7DE6LCV96rDOzqo59l6ZhZtLdpZ6oR2bFjaUOM9y7FRkmwtGl6q9ZVXEArkn5--pJhH2kzb1TwZL6jYTFoYLemfUgCvDA-AoEOon6ZlD1SEmjnlKqd4cZLrfd8Rz-n7-mFScM29b888CCWTSPyd8snI7YU9Hy9iy_uMHTdbAH5hcTXA1i7UaG-XXRK_nPGVINxkVAUZU1T8YdY4-MfiKkO0yA6BmNdny4aGvXP81Qdxs2yGHZx4EcruJebS8TNX3XNXZbFBICKnkswDe_jF2D01tw2YEqaaZwYK0HyzlYwgC3yRebo2Np2tfI_l7cI0H4BdfdjsEmY74yXMCSb6SWyUBirvN0iMCmhCDybS3PBBU6VthIimzZ47vMobROh1iyFMXTcQn_iRRPh2NHS6lzK3_TgZt5nitrkeZ9rXqxAWQIVxSit7yfatRQAfPqh9c4NL-vv3u1H-AB-UJCkHS98EGy71NaJdFYGOyCMlRVnmwDyjExN2YEEvw830aqRB_3w73MMxXvD-70Z6HZpEkg3rarmCTCasjuxMOSJwVijDZL6Q7wc1sqJXEdusbWS0xUxeOr3XvM4uu5ymClPfeGTOy_Jo5Xv9DfXa-Vj0EbtO54LxWE-mja1OqUsU2vIF3UoZVcta_Wwc3ahsGz4DaN27VOs55qasRvdeQZgaHTqfja7tyLb2PVOB6U3x_BsjfgOn0GT8TDt0iN4gVY0HGN6xObFK_AqojR-3ZsGd4iD3iy1YjYn6AvujpflPnulRzKQ-KXqqOD-bsfEp6lr-hKpUeUAcGoYpeSd4nz6DjrizcsCNjP-5dg9FGLGPAYMgD5nMaqXiXqsU9m_jr6dxSRrTkmE1mUY9TT8SyWuKHf6xAUy0u8x-iZGWCXOoodK5RAWuGJ8QQ7ffw8SSft2zvwnkhVkDyBJpe2sEbxetL45V4Wd50cuioKqo38gTY6s7tlD_yBz9RCz6ZUP9oOkNdeSemXNg93j9NkAFpyk4RPwEBIMbocs26RT4tFTDrVLvD-RJipXiWvdb2DkKFTDYspc4koLaH4EecnVK1buTlcL3ak-4m1kE80ynBZrzHem5KW7zW4NqMm1DojlQA8R08AMkQ00U_lJC1G56yGnYN7GLRUcfr3-sBINQdMRu6ZPRxW-55pka_JlKYZasx_aWgvxLEelEh9l61YJm---D6hscffMbXLd2qJZ6OSKWmzw8THf8UsF5Hp1OvsxciaQHFlj0JL3xXd0I6NOUVPlP_AdrJ45TDYHFptMZeRsnHgxp7R2wKwAeEosjm_VBA2XAl8A0VwBuu3FZobo8QXxXOvkLyZNfBJxie5OVm2jN0rXHW3Dp7HvFVJIEQECVguOitY8Hn4OK_iWc9iWiZt5PiRqivzFYFuKgQ3qn3E4sKJPJR1wl_qQXiJBP6HwmccLCVMpyE5IhURUqS5QS9bbAdnN3tWaJXUbe6FZWFL4ag5B9fDVqeFwZYYJ2RKn0xh5Xn6UfJe-hMTzlujVWvTMNttKHsgLcRv6ZE19v2g60-w8vBW3hCIGlS67ssDEAkAnNsmBlRsdqVF7baG8JzTaJcQfEcd_Cx1jeOu85KemGrKqMtwpZx9QwAaQZs5HO12_LJOJ07tD_Q2dUcfHHqfowJqc_sCNyLK21Mi1PvTjFfn_slh-y7Z57wb6zcE_dQ_YezFKYj1QBChlHmxv5SFBXBuhnuBtvS2-X6SEvwR6ajjyrpocs44uqXnS7RfYUHus9f3_32OtznOXBSioSOsXWhRr3Z51f_vOnZJDo4SeijON6INYBWJR0F2L7Je4qVXpiz-0A_D6uwPCw6E3lUqVFM2T1KDs34qcLJSbfIyFPIqg5XelclI5KvcoUzQzyU8nYCeX1ACrNq1gK7MI4SZ5A_JKUd8OLskEaP3TyQG9qoSP9RBMxKTkTaHAZErre9OrvqtMmAssu3cTrEjznw9Qm96yIGtilNk5-Uea6JlNj37WxEHb_2jBbuCtm1P_msTNT8Calbn7QS3O5tdcN359pOZ77LxU9aTIWb9uwuycq6Y5Sx4rQowoNSh9W40l1Y9j0r75c8Zavbvjcq8w0UF8wuH6mJl3KfEJBsoF1buSyM-w-pgWUVbVEoKA0bsmcKvhVWcxIRvXXzIk94QDqgpYQbsVlFA%7E%7E&ap_size=3672&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.7.241 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:14 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
ac
www9.smartadserver.com/
129 B
527 B
XHR
General
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1696003934133&pgdomain=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F&vph=412&vpw=734&gdpr_consent=&us_privacy=&schain=1.0%2C1!playbuzz.com%2C0012000001RFgGvAAL%2C1%2C%2C%2C&gdpr=1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
rtb_vast_proxy
p.channelexco.com/
60 B
433 B
XHR
General
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=dWZHVEgvOihWMDJjem4wUcpvz6K9QcUWTo2M1QK7pHgE0Tel2pv_agt6WIFSyi9A-7gsDAYb_yzHhlPLdN5yLhQZiLnacnahaJ4Iq46Sz3srX_Yb0egXTmfVL60P00WpbfHQaN20domxT4Dvy0Pwf8hjJNs1wCid-Sa4h3JxUD4vbF5IGFTRflD6bXCSZO2yfFECClG-12uPV2I5w6GpMJYor2bC3-Ey5ncuypPzPC9QnYzyD7JCP-NOECWbraZMbcQIhuH6PaesXNuOSRSKJFRPyByqraKPYYP8g_0hRxIukdFe4E_XQEpk7GPvGeOTOMP9ALz3fsut0iOCOneP8YNN2sjGty3zfyOnwU5EMzNkXb0qO2CGksvNLKpw0B9jk9B25yQ_3ogehYkwATuJAomDk2xbAEAlMeheyItJNwbLgH3_ziaKGQDVWhCP5U5arNCFxpVskscENFy7crxVAsGuDn0c21igRzuHfMp1FdwBgAjzuavFrFs5ArUzfdzbuQEyjjvReNYs1tmhBxPB6CO9rSuAC45btO3wzkoD-FsRU4dAwNB-qUseLKrZZyq2wEVoAMoAdE9oua0REk6qtBLLpeUZyZQEJOotNPKhG3arpfHsaKQ-cBl5fvUGLr2UuD1nPtTyNN64oYCfT5gnf-owvlX6clYdD0p0tnpK-IdgiB-TNi91-pDHIPIZHHuOqtGkwXBpuAuaL7s0olLiXmJnOQLm6q8HJHM-kvndHl4xwkrEZ59vR-rTIMKrTZx9_9bdmzrv838GsPI95HpDpXOYi0etKaKzfzh612cyTTbIHuV7EKoNX8YKl5yosMPmBBYopwhEf4eJvYWuiDjtBqrq1T0aKfc49HI74rOmhKKE8oTcBRLO886lSq-B8iISdSdzg-bKQ7ZuPPfS_v2ZrAqsPDLDB2IZ41E5AWoEHjtwreNZ5dq_kvAb3bG-YJGzBEMaJBKYe-pbTmC0Fv8UPWrtCC0ZHOCLeMbbkN83idKGm_0Gb2E076kvVOnnNkfuo5H4geR8U_JvpUdb3IrVtccxtsjnRWdpNYD8pLjIzKXAd7cS4bUnnn8f7jB3-newx5hJNlhxFX42iDOeX-v9BOesKgfXRhKpj9qbN67jjtXpqSfUbX4ZDbaoeCDz9f6eZ6dhfU_46ZXvrqjdS9Vw-8K1eaNpdCl4YKVytWd0xfpsmCcwlSDEcPaax6_lS1uYLu3eUwlV7Ql_8vvMMZuYsYhM-UHykunkeDd8lxztlBBMC7EF9TLFqjBy8j8xNfK0Bq5dvAaIjVcq6XWUBgq6q3rb7YLkpEEJtFeC5-64iW8ZbMuv7gpVxcRMUMj3-iT8Zbd6gw-TLBfQ5o_13_iZn_Ropo7adymcqNSpCliM6Jy_lSuhCHgB9npSmspyMPo1ig5pH9bM1V5TU6gz9okinBghMeKVTdxOSGRQ_l3yFHFtFFk4zz6F_VdME1vxq6_SkjBAW1_tz2imH74Ujr7RhujPmKFWjUVld3-fybW0IZ5ALs3x3d5NbjaBs6pKdJUS_OvX3Y6p5eWpa8X5bqfzGxwjeZnsWSnGex_L0g8eDLn-Wkd1KCr86a7NtSbJNgygUvcDaCtl5M3sj3a5qhq4F0lDQMaw_yiTTxscPnUF6w-SEtlvrguuwgx5112Hev4BZhtFPSPFOv9N7HbaG1mH84zenmhdTXmFZLtWEVe200Ox-SViZ7eJ1zVS_1FtfFxNvmPqsocEU9NpzHe1hUXJxuycICnX34ylLeahl4vfELx2iYNnYRrnyE-_7Lv_IA0vYLEOu6OVGGBhKmSU2-MSe5pkZfWK5FudvaoH-ZIooqA8Lp5HdAFAZ-Q3BcBXHKxF_ynGut8hYZa6vUVMAtX8rYQPcXVykiVa9e9ZqcVo_1DaVqJAqzjYoas6O-R8T3N4hJfSeD-h7hNV5S2CoIR_T7bfX-xD3kdEy6vffkf-TGKGT_X58wXStsBzB3Wue-KksaiRgbfMEN1sAktGOmVLYvJ4Ber7GvKyITqu2aZFtdVsFWLDTi2RkWMkpZvggIb0fnEoV2HWa0XfO0iZ-iCSAj2oXAZRfCBVaj-iFJV7jWiBXpfi3dmab-_f5bJVLH7uLcOxWjyK4s12JVxDcEt3hyE3BujcRBMT7XtqmPHmmif7cjK8CbdlPbd8Juwv817MNIwM9xQr_Khh5XnKWir6f3eInH3sAfVmTyCQISN1d-U11-wYAOaBT8XiNXUDbBehsR6tZSQ15RHEHEV2LKF1_YcK_L5h-HGK-VM83jJoSPO73YJGi5ZJVX3MfZl1s0P4XC28RLTN5ETblf6KUJECvHKak-fxDwt6Yk9_NK2baJbBouIT1OWbkWlc3ifSy2WPz6Zg28kRgMZs9BJauEEIkI627KP3gi3KAGH1dSQAx_1PqCRRyKsnYCUHP5X_dhbfaaRWGeyfUf6EhNpmpwZRup_OYAteqRST2-wmriXfQYxmNP1NBSjA2hj4BHIw8lx6in2QLc-qJx5YggBChyqHom6npde9LfgR6PTNyjvLZr69IYnL00FI1CIZIGeF5QF33mw9ZRQjzop2y2Yko7ir31hMqGpulHH2i3vwWUDL4oYsDiI3GcftJUaCX4iGRFFdDioIJHNab6GonkH30_9SCcyy_KH0RVFK7KLXLWScQt7azK5FXeBVJj4-ARSdcZUjNPWuIWOEJBoqqv3ApcZc1QsNKhBCNmZqn_E7-pTI4N7QaUsDAhKlfLM-6egkLaQT7rV3n5UICoBES5NQoSJsdlgdDKCR9yVXSOsgTefEOllKLsnbyntpabBtusLuW3mLlCDvOalF-_DfF8ur6o-EjlqG62qSursECcHQh1e7Y6cDdKjWvk24atx6c9gMz7Hu8T5x81r27nWRrKydtDBDPzeETql8vb_ALD20r4bCaAW8qn1b7aLr81wA7Y9bT79WYC1n4Kpyxrxac0xJCdn1JdVpzORTxJ-Wj2UF9meFgRmDRQ0HeW9RPFG4wKBw02Zh3R0KdgWkaoABo0IeVLKW4E6Lb4VTUxDLZWYN6FAJxdd71z1bW4bZgWvKHjX3NwkIMRA_f48ntAXHcnLYfnx6-5rV9ut4qplL-91fLTcG6K3DFvRfHCfobib7qkusjoKT14lOaoHX997KCPRFqvnqQIL_7oH7_UmSmxG4emflnQGqmVqPhmfwV5vOuU456uZ4VH8i5xbJvPnBCjxzkH5mV-JGjHYG7UzJ2E4l3ZAfF7pyXb9LVPwzTqUEEFKC0JQlOaHA8oLyUFBnqRYSaG3gMfKWu9cokphabph-qpCTHF88ADxYmlJCnFfX2wiSLHHU6BLwzo1Rh2T1vuXRDh8aSulHu8pIVAfmSkfciWgAKR0_NKXx455oIwW0Oq0jTZR6bmlQsPOfODpqmRy9ZycqxKgfICn2hzVPED5pHqQRP1Dc8zGoyGKq0NbU1yPDz2kr0-wmbqC9_M7CYSLQDoe6D7R7V5Ngb3ZBjKY3FiM5Xc5M6VPucSxNIqRqSrNjUhogdRx7qARnbQ_c_1lz3NKd5xEJxvHilP-TN3uyxlFVogr8duzyt4s6p69N8CZXUlD7r1QFb7o8ambMlONFlXRj5GES5lfAW4sGR8w_tJikCBDCqJ5HoqZPXrNVsKisg3F_aok4e7vnrvKwcMZsPGHnDlnq-26GvY8C5Xz_UEOTT-YOrxH9xOTGMGJriSIT70Cf&ap_size=3712&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.7.241 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:14 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/
60 B
433 B
XHR
General
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=fEs8azMyLlhVQEwlMjZ1e200dBrjQDpGkopQdTcDu7m3CkS9uq4LiPdxA9y7nRxU5IngW0UVjhcjukJMFQ51JUny7ev1R2wqS4FEOADFmG4ny1kErgiYdy3PTYiyJPoXTRZLqe-xXlGvzYLkZSS4YClRwCxMTLKM7CstNqeZN4PvhDc42Wu_G51CLcH3r-UPBU3DJz3naeR3fQ-YBPoaz9hPRlOx4-wpkAfo_0wcMRsUN6E8eR3w2EQ3LpUGjQ7jFyEpn4FknBzjRPWQ5BN-G46TTjraQz5HOROFbz1BZGi-YmHHsx8-9fiNnMvqs3z29soouwRrAhcFyP72rbErEw_E3bloD8Y5jOfhzpdHTqlHYVH6RE7w2j-M_fhJC8ElzG56iZOgmslobLAp7Wq6SC0arBTZ-Y_9dZA_4iNcuSp9qTaYAdchQDlKXumA6YgZV2MsyFqOSrH91Y1V6rG4z-7tHmZSHg2FcEeUL6EwNPrBsXK_yMxd-04qjaiF-a3VSVj58BHqzWXHT1OcfmZuTtGjU3yUG8m-Afn7jw_hKaGAzEzSVI1Wg7XRQ8N7UoV4gX9LaZ5rGVP4Jd7RBFfumkhYFidKrKX7MSsDtXrW5KN3WZB9sNutyBEweGZQjH5WawsG2PmepV-tm5_0RwNF7UNyn9imRh1EtnuwMzHUo5QX7ZjySoZI439O-Yps-IwOC0PXYIGT20Nwqlt_IIClv8PU2h323RVJoDKv_KpMzM91P9KZiZrFj1caeQ5U9urEAHmE7d-paRAaD7Jh0wYQ6oiLK0r5xlr1XhFh14fjwVonWMb9iIXSFFfA55Tc00t5_nYETNsT2IS31eiQS6X4qZhOv79FrpjLB_kpp6D2jTVedIFfczdbte8te1DPPgA1m2b2XCYQKTQjNEvbbezZru5Lzb3Ulq-q7RJ7AX0y_C1RE73i-WKaQNovYBL5Vc7I_xvskttXW0bnez6PP-imuaf-He6lJ7cqiPoIiwcOI3tDnzC0Wsa_8qhub7SJ46H2LXXVGXFoeEJv-lCL0ydt5bngaojml2YzoLv0GeLMyVlHoaC79s8LZQCx_T0S2K8M2D6VEasNAvX_7LqRfq4sK2zy2vNDnYad8SV2sWF2EksCFKEI_83izE9kSAnNBqQMDcG09EwYNc2xuBZdZhXW9boX4TSmOzWBLuFZdCcaCygrgGflXvSfwjkZqaaVj4ajg4_eXXy8D-1eWXJiSWWcL0_8Gz3K2NbHWgQcTBBZEuj6Ogi5Xle73l9XVM_YP8PDA36-pfcpWerclgst3n6Rf1nGKLvkjgdpkVNv7Ec42VjsyZxoDXC8P7kqN5DB3arW5XMbnlqsrTMYgZ2LsnJxV43I7HVc3-JfM6QNQiY7-puR9nSDoYG9duOU6ttQTqBsZgJpoAMPCx6j5dF-t0_5Wmr7E5Cx70qVQvmKQT-rLbKLR0eHRAvM4luJHNMc16tWlWOFuEjzc-dhshFXbjCGFfAuT-3Y8NmgO-Ce-mxPQydFrErVhFErvYQDgjLU5j5vclJrxB_R9LuaMhhWahSNPR9NCWiydgkTJ5zWCAXRxuibD2kt2kdkbvnvLIly19yCIPGUQ3WPTYFDXoP6RlUtbB_8ySr6u4p-uKjHAet-7RUNoO0sZG8CKKCSTKt5H3Uyn4CPxoAqSz9TY4EBIcTGKr0HHyUcWKUG2vU-80knGmJf3OjOfpZ1IFx5Myux_dVzX3M5AuqbV1wqlxXIUlh6_uspelhQAfvVHARLbFv8aO8t5dDW3FluH4kIrVQvUlOsbBRpVO0_t8l9EGCckykGrLTsBu38T2PNp_bPCeHNUGQmal69qu2FirO-XRQ2MVTt5IfXP2Azvakyo1iBtevx8L2x2kZbLki-5x6JQ2ysIz2jTL5HJiSlNWbpfTW5z8FfeYDLmTOCJtclGr4OOQgWQ6kMZTx-5nBSNN0sN67Gi6ap7NldISYoZV3iVezUmoPB6cE15LIiMjIo2P5R9lhbCS9KL7_O47ISxGiY93IL0Esdsrw7PFvLLmevDq2Xcz435YH_i9v4XzHYIEhqsN1D1X5gnO9PRTCsB063T0FqqmNtuKrUBUCcZzLVgY9EA8CAlt4vvSpO4FqqmC42P-JUOmojTtrJpHLsLx_rkN1v6pqxAeFnIVX8e-QsQ78qBH6UehUJYI9q4-NfiStzE7lO4s5YZSyuOD4SXk4JxNfEDkmLY-AyAlWg5CMZyGSTbiJrRMNT7Zv2F05gjgB_P2OnKIGYjQ-TXNSYNIh97MTc90ZFQGov4-d8ZB08Jpl7JERw2RWLVFZGt_gBtabV5BBo7H_wvTyS6Fy_lkPdsSL9vH2ZZsZ5TArD0uWif_x-AtdouLxM1lbegyqwRS4UwVS02UEVA7kG3-b_1kbMqLi5ISrLYHu_CRAjBqPYeF5aPlD8xrjm5N9rFK2xrbYu_8POc5RQ9WaVL4zyPek8ctABOOj49rn5BDzp0YgLXc8t3YqFMIvRZ522OZo10gHKnDcVpQQXlY8DLcCi-Xwbi4bWGIsPyEeZOQ_OMSPgqsBtfeNcHP8CTVqO5273U24Qs7N5mg8TUlldmF3bQ2DHv1d5M7iBkTI_XrovLO9I9OI_0WuH_-fRxf1r_SXez5qeA9RWs7TFnMeL0ug9mBnpvKTzSGUSF29jrZ-aWFMnQBLnCrvfqfuDcg5gAti-M_yk4xHDqsGfnqNl5IMOJBL1KgcBRyqiw1Jq-70Lx7Kk8aii3K1R3PYTro2mnbhKW8Yr6Rj_JcsvjxQ6Mg_N6GPS_wRpm0kSKZ1tw3dFKgo33PVcRq324Vv4WymglSQHB1nYAgBVeaGLnA6nwEUwaF1fwmaRew9HdWhXq543gynFuVqDWpFX06eM0quAQdEtzQuulQStQSo4yZ6BsYGJxQKk_OcZgnkx7dDktjNopLD0YM5jMnz_YLzNAp5EZVNIhQU2yUj-nkfnGV3rmHa6yP3F6uv9RjVfhhrF-GwlVQFm3WT0QWfAWeTl5AmE-4yb3H7IUKvJRzuyyWxs5eXtGIWbB5E34-x9_YwlVt2Qe22PiLT1Q_AmCAhRbR-1yyg2rgaKxHYVa7r-2Lm8OzTy-6HJ3BaFe5sgrj5iGG9fUZSP8zDCz9fsGEf1wOvzJJ3jHXr_4sAk9dXSY0kckQo8hKV8dkuHx0wvzxUQeflLzaKg2_8_ZXk3bd6aU99ozOhrdUmDxume-ilZedhA7qGSvi99UssH8OzMGBtvya4UGL3RZchk1k30zvzUSGkZI4ZX6xRmSh3Slv3yYCwvEEJhYc1RtjD_hV-kGafcDrbiExzxPNJK8XSPhK84DVwOeZbFF1keyd5EFLvKol4q58JbHqWMphAnde_jA_-8i5cUb3wqh4SsF370BJkfTqZvTL7PXdNAcAciE-zCy4ZHrtytWEzq4phv1_hM_Pizp3eNfBl46hdjgHJemqkr0BQgWyUdKkANwfmCt7990DlGmnx7rObqu67l3BdB1ZwMUBms2yd6t9zu8zdw4ltWNYJq6TNphroJQwUF0_w7hSgO31C3wRSmVHchyEnukNhkVAOGPAQh3e8Xh8VSp2gzhkt3-TYF-nFUY3WZtSmantPSxq00-3EkDLvJAq0VwOXcVEGwv-cVQIYfud7DPW-vi6n22TJIIigVijr6d_enQSqnf3NF6rM2biamEIHuzknqbIyQYS0wxBhJ0Imo&ap_size=3712&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.7.241 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:14 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/
60 B
433 B
XHR
General
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=Llh4QzkzVDc2fkZcXX1yM2cvC-TcVWHECaJHwNffe1DzwrK1RQO8M6-iaKNhhWOYY-d2qlQurE4SpD1ZXEsG9VBkltlVciokKZ4uE-ibKq8a7NzwV5xzjXF99MnVeVDCUEdjkckkNtu4fREG5wYyYK6LeiddDvNY3e-ItcB4LM3tka_0UcdyzHbtyDgpczP0PuNGWnVOP_H3FV4-aZcjgOlK5trPZzALsSlQ55w22Ev689xxFxr2hIie_BB04aF_qB29lgnaiK81GCm0qGPWHLspa6bLqrW3M5eu5P5-OaLVJADZkbM95yaPou8rwYLwciVGmuw4-eJNtwV_kXzZieVdCGGxQSOsdgBcvrwbFUsV7PhHyu5RlaAQXcQlnJkGQUW_q4ckrsm8rLIu5fwPhhEb8vJOIy3K6rwbFIFdC5HYaEY1Nc4RYdiViGDGaGmdDmFoxd3xZ3roqrXS6TUdPb2iYHMAQ_0qYj2CDrQMeJA01XfB77o6ExCAqkRV4zQzyOfAKwOAfRomwhB6f2u9bEOEJ-CSEPzJ3WSb3qKtsSGWN3sb-Vu7SiRtokSG3r3pz8WP7ws5eCioKEKqP3-s8CwbvP4TUg82rbqYpaWrPAtdC69LBauXTx7RWWnIzHvOXqd9HNgZy7w_MzBERAwL5R49vypu7GLbOck1UZVFEYQ3m4OnPJsWh2iGmeDCC_7Ypl_b3YGqiIsK6GXX1C5Yvn4h-jARef619KszZxV9d_r6uv6d3qDixYcz6GMIPdGskeyahHqgHcF-Ciy0bMzNSQa5B2JsGxex1qNtRwfbkeblaayujqiefnT8kOTm5sBO_LmSqWKYRF5SBFTXboKcvgROqmw-dTXBOb_Ft1vsLC-0nwhXbyFINsIkQOgmFxZR1uTONTxIii0m2wASafjqWS2yz37cn9PB-kPpb3a6-uWvAi5ybCWMQkf8biBpNI1LX4-RLzfKS43wG1IQlR2y5D0hRtb5h9jShso1oGLT7PfiIC7EDKWvfmDfew_fz7oviWkQRgQJiwr-zK2JX0_uEOp8HaSqZKjnC2tpD_Y1U7ukMohARF80lN7bpr5c-xesaazP_uLxhBJtiZWb1kU8SRrOj1WTSpes7otnhodtZvC5Zo8gIbOJo3hBzq5PlQcMY7XliMG-PzJo5tlxrxg-Ka5TUYtnTiFPcsSuOh1SrPyJleSbKQTML27w8qa5aXQAUgHRfZ5c1K6CposNPmplRXZ9Yra6IuXAGFMQsGKdoQwjgL8TiWNhRPJ7qUCQqO1qIqTVnnfi2mbuiDdifshbvEd_Cl4XalLVmTszEMB_hKwZDaaprpHw7pm9legA6Hvj3PV-77XpLrMXrekSXhRInZ12TaovzCBVZUwUXXaAUIhJvFQIOiN1MXM8YQ7HXfYmQ5d_GWBqIm8tTBhR5u9urgbdMoJoDUcevURxVIiTBOEIxtpG8NHUEOaiArjGNXSV-Gwc2ULqMRNefRWfWhcIjFuWh9hTJ2pMOhJr74f_1d7lczY2-5e-ijJ1-Dw-iHi3tibqJFWXk-JMI9ezCqLlqI74Ij6mh0fFgh-WjCchuMqS23_6oJeAhcNUVxqS1KYVsGZ7kVp_cd5mjf-HToOu_ocUhNn4bxFiO0PfAkma7nKS9zcFZpcCjdigqPEfiQKQyGXNbxCuxrIaC1Zzagry1Mk5n-WnaMFsBlt3AD3iH_iWS4evJrFFaL-w3oXNQiqrNWS-db-0Tuglt4ruekQjRv_xVIDoYdqdqbf4ryO94cBKbTxP1yOwMxCl3fXZ_HDnFeH9GhpZ6Gb24Vr7tFQ8T9aQ-gEvsSz-5ZM9eiic5QSBtN8cUflW5uqG0GVfQcA6ocaZXYzVOA7V6whVWLyW3VLS2WYhU8HGf3Mf8sAvaE1lw0tmeFHpIY0OlaLsUql2TOw5LLaIDFujWcvmkiK7JjfOxT8jw8F8CN5YZvh0Bz2HQhP08w595acTF0kY7lAkmgkfzFjDGYaEyQc4lqe4dmTvaBIvhwM0KEgb_CzxoL3yC0vjVBSwRXdZlBbeQjCw8qe3gwue_8JwTWJ-EmuOnBkzv_HN1yErXlkW8J-vo1Eca08b02RLitKh_IQ-aMXwla5hwcxP75XPigMK8cJ_lZ6DqNUH3s9TtBmuN5M2pDCQoZ1o86aV8wKy8uZWoRjSUZGJKVZDaA3CTiPawLugfzMUcysFNPe17MCxjMBo7McixgCZ0iZnfKWVr98Iqj0lO4h9hs_jv1nEfHBSN-8uXiYwLAAY-UNSd__5dk3ZM9__TmR4PibTEimA4GX2mZpIIV3loT92acqT5vEIvwcBOTfu7kazoOHbjUk3AlCQ30MnYGQkUNbq0Pwa0noRzQFtMGYCJbRKrgKlrSnqPOMswJj8oalVBReWf8N7AF8dabVdEvPtTXsTBNY13HjqIWTT2zSSLPcLAqtPFjzoE9lE3SWKhdBFAEbSwLwhDu64i4qEcSrvhG2fYaD9oKbU9NVH9tgV-ve8gzzNP44a6UnfqIDbSUc6ythjU2mlEHZhpQykMoOUlxsILxP8lzbNicDbdtzv5EuHCWmLiUkfhpGNgkQQOWzVDxw4MYVaSnRprdDxKAMGBPbhqdi99EGtlk0MU89G44lZ0xqCCputF8eol7yt08_BZZkXKQy7IvmnllhE46iXlzOEVrm0yemDeqiJawUDe6LJ-8FEaN0D_sLxwnJT_bcfjGpUHIVPHRcWVHbRYb0XXQ3BMxMRIMHuGYk-jn22v9Q3PS4oMmHwPg8hHQOzuUQOngxXuJB88PbNWANDv9pNXTT2HG7oURh42ERMQnB22vCJjWhBwQrDBfvzC77D_DY9o2her44uE22vmnPDUiroiO9uwY_zsFlALLkU2dISmDhZ1VrmWcLY3C_N9NCMxhPW8P836-TCapHdO7QHvzQy-8wH7bKJ-0DAtfluOfuwE8M9NcxJqQYCLaUWyadAFzj7IVNTrUwjpPpLNt4FWkrN11gyNaIH2QwMFmsI_DMLPm6h22cO8cQnzvjyu1MLxC52RQBypYI0kMxOqW5WZBvVKoQqY0Oydk6nHZtAgAJ-p5oyVp4xfay0Ox6r_ccbL9lCwrBZMosKoGK-cWbdrIo8A110LUmfY2J63-28Zfe4q2sl3aVlN1nfzNpp2kcWPm-kPsXdyKMNKN-snxRr6V156eEXbdMNjSiS6RAS1DzDzI76CKQEJh3w4EPiBqumcOx_HNjIvhjaCitw2ZCo-4x3vz1R1oA5WekZS7Gyc3FEvEDi0UtJV8-LoRZARmUdV_k8OWustaQH6_ahCSTrfnoGy8OxdySfx4dco1cyhhf8Tt0lE22JYCmpNTTzIXpiYzLlpyqg8ZZYQpMLCeBEa2o2nBVOe6EpJaa1bCBmCFh3X6gszgM2wGPIG-Fsk2hFST3JfNzaRzHSGBTY7Jg87LJD7C4pcKP5eHDLPqBhT3ihRkn27QA0vicN_d5II-_7T2zxHb1vlauattxg3NoVK7f_5JKvUTbrjG4v6TL-Nb6byyCCqB3LXxljVLyA73Ng4SgNsUHyZyzZYWLQ0AtvEj1RzmxbcQxZjIwJbH3KgzMfw-SZpKJ7xqvUemZajkLn4blmCfoZVBNZ2WMkspIJYm-CmWGowQz5I_b0gwoXO7mX9ozUxkSTpsRnAGG3PJnf3k9l1pLjmJyXlPKlvq95leoYquacAT8GI8CWGLSS&ap_size=3712&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.7.241 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:14 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/
60 B
433 B
XHR
General
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=cTl5Kk06QiN5bSN3SCI3bthSd8s-X0k1qgl-UEY9yz-H8s1lEJBl52ut8UgLrHL_nIx9aJ_jIbn2v9omhLZEaJ-EehGWuS4iTC-Z8KQmLLM5yCKj-A-MHMxLjTmk3wF6GqciJe-tx1WaXujNWXvZa2Y1x_Ac3zZc9rSNcRVyMNpaYt-jCQgeNiK8N1RXd4oqgzYsSyToV20RiI5CDM33rCCfap7gB95tfqSUV-qPFIgCjvmXaDoiFU7FecoHMBT5pCSNiNcGkVjzTkKVWGvH7c9fEz-pea-pGwf47ZpxQlalGzbz2fM2LzaVA5MZfDU4q7eoFkDeqm8qZuJTFbnW6SwXPxInbONINl2XLRdyLGzP9PH9QMvytECPmzpq2knyHzx9G4pjrbJQwfA_ZJ32SCkweWuxq9NYgW8io4X8exXmGKQJPxoM5pjmfotr9iQ6zM9MPTWPEH4lI7soUtyOwX1WouKQtrm7dQ8dRlbGjLbTE2L4n3QSVh15u5WIIaO9cZamh89743bD4FFWfID9ttmzrkyYCBs2fGp4mrEr6P4zZrlOmQPk_6u0h0oJ-ar-oLn_ifKFnzEe4_XYwceFF_OP1BCdTor73OQ-_lRb5WzzXeSHwm4LF1wR7IsfKj0vagZw4kMf7Wci5hulZYfPuSFpTViWlTCV4PrYOqGfhWqNspyNZGW_E_hp2tTymvfCY-pPKVU4tAnq9smljyEt4ZKVEyFueJ1vQMA1Rt69p6XELgdloUsdzfNVTx1pb1WBz0vEUam5iH0fFeD9Hx9wTj5K3uXfhsyQZEPNZgDuRzuZp4AbW2ikTPe4OYEAUC1mcKPy96TecttFZpjVpZrasPjBHKhBsJBps3djXHErODPOeLT3I-f1XQ5trl3u7AGR7abJzIH9tzyXH5Coao6R3ZmtPHH7bpVnMyxQ6j1-Oh7y3jMMY_0_2GcGgcPV5ZTLVsYWcRwlxAepg59-mczQdEiwvbrnd45mhw0f7LFeSp4nuxmDHetgwC9KuReqotv7q1HeXsNvgfVf5af9E4Vr5QU9n4VxlcqHsG0eergXcTRy0rCSnivW5LN5y23vaIz_WfeYSMA3-Dnbp7aAT43W08d19gNKZUXSpgG1YbEEegloMl0T_wBnU6oTEDRQPMiX1wUHKX7z8Q-fZXdIFXY_veKq89FwcU8-VbiXrGqQZEQfIydq9ynoFtFzHv8QyEXaNKiQY-dOGIuloGWUlu5bBmfgdj0ziL3S2F_9Kvf6MZgvb9C7ZKMdew-Z2I3TuCi4HCGVobq5Cw2xuNnnfkG4QoZHE7cUJFerpP7wpwFkonokE0Rt9KXPXkw9vXJPEfXpHo10W7e5jDNtjFZd0TKbt5M5HuU3Xxm0NyNyFrODyyZqx2GN2rc7RqFl49lc_ZToS5C-dIT2KHm_SIuYhSN-zsJk0568KtsZx5T_3On9rmKBpvDyjQUchXflbAThNU73JSQvDyNB72e3Qclp88t1meCbSRKRpnXbRlxBqCK1BSG7f5RjYUW9K_8ZZ43NeGgcy4ytcw76BuRvAV34-h1LCGe55fBFxRNkBAuBcOwdqqYbKK-T2nBNjEFLlVEswfAGLPS1KYauLJP8Z9nHq_MDM26jW0eJ8n3HbA27GeiZeeu8f2OTJCj6nAmziKkcPM2AkQk67Pqx9J_RxEp7_vVr8Q_tv7LumEMP2yhvGRk56DBsMHfiYOyQ7Thk7vsb4Dqz0nQDoz2aatEwl5dCYI2gT7MW841Mk_JQArDmdaJ_m6aMEkfw5zzeeexPA5_Tnc0fohWSDDS8SdX5c4xJ9jRgzNRQsQ-3-fjaFr81dJvHFV9gLyIK3w6_60p1ubVf_SualyYxBREtRC-BU4mtG_NDaNYvBKVPIbwbpQJ25pH0W15dSpnSX0faG3cubdOiwQsp7BtXXvDMH3UADFvqxd1KYj98l-fNs9ulx75vtr8Irb2IWGl42luSyEDHq0qx2mjQCSUbo4r7IIZ-PIy5sNIVTxqkk67UcCP73vlSmQFVGYvXHpOtergtAtJPGmjhvuci7EZVU_0pzYyKjO7K11wNcaRIAh2zhqGpF8Zouuwdj3vFFOh8yilgvxLeGu6qPDJ74w98bbZNS2rE7xopf0B4vH2nA2RuYohxSR_d7VSt7AQSjkcFODJsGU21A67W6jz1cefxpfsbkOwcVVHEMkO3E1p9JH8qYD9Vs5wgtsknrRWAknqtcoxLPMa2_Myoysszh4_XNrUbK8hGOqg0Hzt8n-fg6nEDLQm_-H2j-2VrwdWRy_YLazthXidVL5bawfijjJh6OBQ9M84b5Cyqq1OwDsGzdJQk3QVu5OmGbJwpWoUqJ6knQuP_JVKhOH5DD83Vh5YlY-LavIdyOdjUMzjTZFZoBCUunI3SLEq6trQFQ1AyilnAmb2Sdhhh734rZod6k0D_WXw80ffiMhhSkiU2Vh6r92xWtcUX723cIuQEQ-qER-WvYui8mihAlo4-lbUCPnz6a61kERWiBHkU1RXEjLtTubzoqzJ25TW06QeDY0nAy0DYydFOas-dqHn7uYxLR_8CP5WIeGYJVT1C5Ar3fWid0I65MRCyuSzDiYQQaQHlyHi-O9VffFTZbdvWai9CdLbIkC4YCil7I-lQ3nD1FjTjguE54Ch_bo9t5I56EIZm1ShLe_uRohP6cfISTvxYs4GPgaWSzYLXcjcdZ5duwlp3tC4Kwt8haimjywaZ67XhG7DjxPuQ6NnI3pgo6VW5QJ2GMOKVhpWYEedpYlSGvfVPfb6sZIaiFrNMjK7SeF7XIgqHgYaut_mEcGDfz0Cm4ZWbxGqUcAKZuEencZn4gEGaw5wp8G_lv6F4VRH_yb8uhyoK1Wg2iiviP_dFR6UDmcnYiJtDPy3DZU4PIdOGfwHmt5NdoRQz0Bboi7jxqCvRXP5pq0PALAPB_GphcFBRtEvDg5v3Bzdjn3uXKAJlmDzYrXei9lOHunq75Tcn6dlRJIdx3PWiLM7amcbKsA8vmVQrzhpaS9WrZcEudQSm_Th5OdlIYi5tZp6BmXOx-G88gX-cXc8XDQNFn2Js8P1_RVFkPxJlHKaWqLrXogPnbCxjn7VWO3I-i8kxiztVxc2WDVBB6l1AofzUZLKO9hLbWqwY51J1v-CAxa2wzhJlcMzC3wtqmGy-IS6YqAnQC7fGD81ITUFUXqku5aPvfRXTya8RNy3yPsQMeULiQg_9MntzNi-OgvTIOsMIL8tsytdCdWLCd2xJFF0YRiFhexH-CgYhYFlYPTcJMVRHkpTWo8SFKxBVM1avJM9DukXH0igyQkUQuBUhml_ze811i_As-1ll3h4gqe2yEhiyMo-C9NQml6vFYmbG6fAzRoI7_EpdhMg2BSffJ6mYt1gbj4HVMWJQUlBJKJpAY_U0ehVAAnVgxroldIeBHkwh2pXj2pbFCiEAyITlc8_dZ5VByTWlrczghvozuAeElTKCltPM3H9kCU-75bAmrDyZ-34aeXrTREZ1IhbjLiKGdnKzxhMgB_Jmo4deDHWKSNE6huy1EviN3AOJVm-Gx4Tp7iSIiFvOe6H8s6Uy4wUm0KcJ6yDwqc6C3pkFmIUho-PyODefHw2oo6CygWvXuIieRNI4TqmNHaoI3iqRUVeiDuE31cjRKM7Ygqla592zX42LucK21gzSJOpCsaPLHHnJ81b_Dii7rjpC6iUk53ps_wO_Lju-&ap_size=3712&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.7.241 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:14 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/
60 B
433 B
XHR
General
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=bnxSfnhvTTh2MX1WRlUuMC9RAgPAD2hpJcCIg1aMXni3cX4XlIH0kuNJxWBPfGrRO7PtqhjG2NpEY9In8wJVeRlX8GtXOzkcDm9GLl6wmiEwgWmvi-CQ7fugOHAQbsPcbqZjHujpF4xIqZlW_AupfgH2zUD1lw_6g0pTtxKyhrNS0mDOPdEtot_DStuBn4oEmLO2XeHKLPW4sRgcWqpwJktBBQsynB35hD3d3XMoHbxQAK3E0LRKFDoyvxH9TcMi7aalt4e_piz8T2L4J3CfSH6EvF4sMcbFy2SeG66HOeATianj9CG-ut910jLsfqmzTCzGkoBCku6eCaseY7IKDGYK5bdFjH0YgX9_F2GSSjvUUl-htZREkjoybG7-oml5OsW7aTXs_PfpEopzI5KisFaFNQtuiyqb8P9sZ2IG8fOZ1Rc-l9qEXEhVI2F3nYWoFQn3p8--uZq3AmTpBQ2RnpVu5eeNc9Ku8RY2Bt2btTFwS-hYmBxzIO4FxyvCjmBSCAZdRY9vUJ8lG3e7g2x0FjmAqMv-qlZ4l3Qvmn9iQdAT9AHVFBZRdLTaww8f3M9RAk9dZqjmGyUnWiPcgqPqSqbNayJvmggNEMCn_teFEhZJNmdP2P_JUOwxwzTxKABZ0E2OW6SrEdQSSJ6OZ8VHS9qET6CMyoeJJlPDsRWyeO80XQGWhyVGHaMdtKWilixaZfDDFQRXBUQQ2Kurko8efbelVUOnaw5isSKkM_cqIb_fMPvk8YCVLKZl7pF7mgvXNqWiijuEXUnz8ovvMy8YwSf_EzK3rec0IR2fLD2Pyrt6IIdM5AbjdnFnhoJ0QWjoV8Vlim0TzOlVJiSeGbwylNPP8DXLpGAe_FklijGrKPStOLvnyx-VbRhZB5ra5-O3yQ5sbi3BReWZblkk-FSBS93jOmEVBBBmlkjy54s0xnjXSd-z0P0eujOa_9M4MhtVajqTwcki8bPG1cKLXRJJrbdivi9688rhznKNp2jsHQ3yhFYoRA0jkKKw5lzOq213C9DXQgpj8SSh163G-Ft8yoi_ro4rtKy9h96ps4antK6SierGKFQAO36uc9xhF4fsAGV5CQgmGfB5pN4SFoif29szU6-ZzbNxfavJXmLwJ4NPCXHHiOTmi98AJVQ8LRbZVepDjrf8FqxfnZ8IEw7_dWYKAZSMjMY5-Et03NU2Gf3EfJncirRPZRxHLVkD1xYFounAfh6JEQD1kwR2G1P4rV3Fw3XxSVVsGmRuUEjehzQhdqNnUY2U9hy8c0NCOo8sUCdtiAzk0CPu_S8HC_fYCmt8qCn2nJyElrs1aFjrWB6_u-XIz4ImjJNroeScYXiQ2MFZHh0y_JC_KxiY47vnUgRCtk4blYHcOHIO63tx3rstZR3SgoHRGlqQaBv689ZQmSWhZA4LEC62MMfcFNcgkmVX0Sn88HBjrLuzBQN_m1v_IIxd2ojfD1bMAKtGhMjJP8_qpK9gxxTDxz7Afjl4w770nqL8kQpKKh8XxwhgUkXVPLxLmeLVMcg_tILdwBfYI2ITeSNTPjCREqKLnMr4RA8oOORTeMyIS7BaaSFjDHda0Ilhl_4eBJee5xEIszfSFTlnttd5cj_EDPqUq2ONuG_vVujJ7nDcfSkiM3Ml5zBJ8FnXmitOezSrCX2VGlBzYm_5JW1W9kGKdO--yUDmdBAf98314W7T3DfhKkyBWhuD9hgxWtO1hgVp1OWsk4N55wBJCZWCFwZUz2v382mGv3Jn08pITzG09zAflhvmtBpCkJfrC8bycSGVuGrjA0YHcneshNAbzeW6-PPyRBvZGoXRO7ZiTSOf23dVZaH3OdOQPhpBknndJmuaFiBzTL6BI3d5x_jhgkvDBYyERuSATOvLj7-gHQ8-oCZKhu_GPsi3n96I0ClGIAJJna21d07aiMdcP129v87dVgW0O-tLOc68NIo0PHyKBtgGwFE5z3hb0EXKGaL_WbGgQVbiiYVjb4T62bVQY4aCeWQVFOsnFmg4D2hxIxs8y6y49PqTwpvdOqdju3Hc90rx-WYreoYKpojJDJgScom_YrpvD5h_dJLcuvYKQXcTaOtquN0t4CJKpghWwht1nILIGlgOvxv_BolpNUueIuVvSPxZSVZ-YRrHmorjiHPjzscWOS4ipw-acN4-QBZXRjVlj0cY3hDXf3w8tcI_JERudekV-TUZnGcT1lFYdNtiQL20a9vMMxGGk2KPSaQPRNPV9COQidHL28JByGnhvAzaIbbF9kay17Y4cAWT-OHGHQ6jQe93ZhR9Pg-HFRQTfQHV7ANJasJ7VKFZG8o6O5pUyVgH_Xdb5Y9TfqNbdFa0TQ-VHiMzifmckfTsp7Ek80KMrNMAkwhgMYnSEIXLz2l3PJnnjkcLrQPLClbAU2UE7q9HH7slqwth18LntnN5LP837UnL17KJREQxW_79aVa-CwX8psPv1gzqRmBkoFrMcBk85nnzETQhl3KVOnsasDolMHNnSWV3_m4xPXMVdz6oQySTcnu1Vvr9Vu3cNPd4HNe965ETX8Qm0mUid6n0XmubFl4stBWO_C2cuYQmF9-78WBtTVtgZSr507Es7-mcjyp9fWNGxP8JGwjpsBtYLzIKTSa7iDWWIhZU9w8yLlBFiVIp-G8sLYzcf9a7BOyKLqC5U8UEudM6cC6b6MxLAh4YY-6JrSZmYPiWuiPEIs_mbwLQ6y7D9GVa4H4AcAR1K_CsXfDJXiRHrImz5SAxbAiUoKOc3ULwA3nWxzifDau0xtocJD3F8OdeO4lpHvYDi8JygoPjprCoFb45lsJcxVTRHQDoNWsUxQi0TeZ1g_UQyMfMGOMVirnsKKhJTyVpJnwUDuV5roak5WqSOQrDd0SsnlgE1oS2vNBu8OUC9RZRHIN4Et2z3P_YtiEp1RjgG0jfsDq2pPvGLRvf4f-uU5XTBvGsanlzef6ciM3FoCp2AoMbwDVg_KUVBMdDMA3QUa-HQQD7GlBrQ1PdKm9arZ1WPahGrc14jPUHirGim8R6dmt1npeZIFQLg9QJgD0KekLsmT84IP6gMZ3LzBESOvKJSk3jJ6C4lnc9fYKA3ihA89Iu_jUjyiE5dJeP-2Qp0y8pIoJJyDRFQtbXK-QhD8babcHBiyEL_1NlCHZaGMPKgwQv8UT_ZqQ5wfrxeoFHe8Ro4cM_M2x1B7LBttJ4QN0h5Ja4jpULH0boE--SI1ws5sIU_9itIN_6ac0QoWmG7ZJY7IVl2Xfr1xWLoT42VSD6CT7GUoa1Oxo9jAyiIJqn7cpRKev8lYMvvPjUJImLSKk33_AjNkFN7NBYv9DKtZHwQEULeG0mZ1FYGRIZUm4Ud8mwpsuZplfd9mHXQYou44q8hBWcpfSBFZ-FGGEDsyJOlOMwsEr8uOfqyt2H9_w7v33nbTafg6Bf_vMwbavf7pbESSQUsTlOx5dkO2Nf56MSml35gEWhqGaPkrQsO1EkAYBtolMhvVfsz5MyZJ66H5PprIOc2AWDrLqhpLwzYdomdeCGGrdgLRHXKLv-haLN_RYEisqTnN-06XaoPav-eeBRqt4bESKuzjxC0o6PVSO_XTXUIVNrjonObCpbPwMXrNnIA5Ix3UoMtjGUjT5wYFBQGM7iDqTP8gvqyL-qeEFrhrgs8rJiPX7tJf8UdtkDSL6nPBmEIO6RCp4-vEy2fAYsPUGPhEI%7E&ap_size=3692&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.7.241 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:14 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/
60 B
433 B
XHR
General
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=K34kOm1sZkdHKFtMRXYxS-0ikaCfAktpI_KaW_Bjq1bIYzHDzss7kzbZ2bBebs0G_ahvA5-Y-Z_aH_APyEMrS1jSQVJ0apQX3bps1hJHauwqnentrXPvC667vfYOcsiq5Tda_5WHAzVNtuuSEDK5Nkrtm40LT8hQq_c-kgbRjmGrLKQCXz70BdPEX03SEbn-YlkwHRB598TA3Oi5VDOqYS24Ygt7LMMTS0KKd14LEN_qLfI7sF2YC_LT2-1bZSKl98JM8dZgxigPZ4R_iDwICGO_S5mii6gnPhkd81lD6zfLpSGdgYgc764LD5QMOhUBdJTX6Hf5K56Ob4hYGXrSGPBj9XbPEMXBBdwM-9isqK80KMqIp4DjhUcsf4fadDzxaKQOM_tl5znMYxFg_ccgWv3VmOA9FgAd46biJutWJ2NP7mgG9_Fcqlv3UqdfdkRiggZiNj1n8rjpCLkfGTjhlTVGe1Z4DOMHiolueF9dhtZHiT3DpRrD91bSzErkYG6iPvIal9kbHYHIoqLgLiqqKgPkfQ6x0EOYymIoiwaLWh0JLhKHDc8WZrj4XNohm58xpQwLKLVLfzE9xykhQWasOcEeVyil3OaXCFmZTbNKsyCz-ZFN33jDqK-SbmgGcC-UFthwCJuCpxrALrXbRoZrXXmV8WKF9cJc7Cf5LYFEWz9zUU2fgQRN6aOoWt-uvyz3SZIVfkpj_kakut4YPS8eAd9b7HUqlrjzhIHYpGP8-GkgDITmEulcZetdWLMkdTpI84ugsCsXfnZ7qClOal86c1R_7yJkN8J5b_VlVk7IST6QUfuPoxqXBjc7jI63iMN2IRBWH1Ic0g7VfGiNPPoAlbxTLiljbtRL8AU7cvPJKeq_N1jlUAQ8hH7CcDB1yIw6ZGWlLTbU0zaL_sGanfqgx2fzGgkA5vJqrtsvsJ_DQBD4LBl_wSqOWN7NnwW3u7mnyd6RPHloD15BQLvR5igFMiymaGPm9-TBMuU-83VJz0syY1kMy2e0NE6Xv6O71bJyH1GAWEk2mE13JZRx5I0eFqePELIp9PW_UrTFLMsO1qgCzu7hLJpyd_pzyimFcH0azLUBI397xcqowBKaUOTsUNB_vBZS6NaSbIk7GIzQLQSnDwhzy2gEe30aYml6jilGZDtt8bHdgSjgKxYAnWoK4jJPqngTp2gutg0ZpI93Ur37WrJifyVCPjU0Z8UNNh5lEboeM7PGnuAqdkYONz7a03mOq2RRxVaixYrihGxtlYdyLxeXjRLWsuh01MS8yZ_0Uq85tQfo3G2s08ODxHzN-WXD-FOTU94Ii9PyieC2ITgVDOqUu9LaRWl8O85e_cFImBy2lyDvYwi5WhERZ0xjWuveVIfwIGSQM5_7GR2F-L35Tc2aambRkgSWxh9_5jGhinEBgingWjHu34VVp74q7fi6sr_9r_Hr0wONnuRmapcm1Lzz3G1Y8oBBMIbo5tHwqf4gKu8R1WbnyYlWvdGj2p77nBwpw-vFJW7pknr6Pkg2VeSf005rBid_2iDxX4FmGlZxIxaQW6CQ5bJK3V4NTXWztnj9ymGnkNA7pRHWUZKvqUH8YtHwRvOcz5gxHw61AP_-CXcglMB7EbBa-t-nxJ7xGXqzuSg7zWFI3A5IbVusaLeqism3v0GxmrUzd0f9B_YoUm6umwthG4VF1eoklBfOf6TdMiP32HlyCLssnuqZ6vUW_prsqpf5voG7QVEYH0ThXg9ijpPbgg0FHpewZHl8in3Ns3IRUX13Yy_nipedxysNCRstL1ud-b916FzXkL-mouvwAEPBV_P-2MKVtbk6GdUnQj9riPN5EOQHQkAxBXLnPZ823336H-3qAsLwA0wPdGqCob4axUtV2GYxMfynUiDONPwEotqfWTHI_EvaXOnHqG1udIBoMnBxZs8kMWH5g2qGbYY0YAjTUi7Hx_65txAosqdvSHkiYnnndLlBQG1kLxvnGsFqtvhONuVC9Hk6-P4S-_Oux5S8ZTO3cxK32eykqLcLm9H857UrqzWz0u36QM3QzEIdzspUTWUFfE10DHxulhZnKAR6J74YuugBDwYWaS0nfMkS3IezHDYL9UNJdw9BkrZ_e63RbWJJJYZuIDrl7GTcv4DdTNx6OpTToax8dQADeQAD0ea0DaN2EivLKEFCRDBj_7Kpl3A6UHSLmoIpuAj6gVcFZGWHsMNSibEarkPui8ujbQADR6SdajNH8NjEfCuP77I9kdyoPG0T000sOXfcNBtwrEpp46fFu9QGF9GNVL1E722zqLy6RMHSOnua4FVy3DGcrRnzN-AVzk5OR7th5uJ0QemCixhY9A0Mwq5zcl3AXqjiK9N118rNgejdSWF4AO20YGy1QshnE64qXFwzVVeLffN8-bFWD_NYmiH479YkORr670Iab77r0kWW6E39YX3b0dOYI46NyATQWpiW5Rm3ubzT7rrrA9F0CF7vvMv1z18aKtGwqnpGM8kvh1mSA8kO5xEWZEa_tJ8sUo_mz8i5kJfxb0wbIfGIVCknYwvj8F7hHrkOBTWhgBEhkGt10WH3t4233uUvFjewT8g8RVzK7A3c1mJgzfwIkYXXSlWK1RV94f05jRZ2_w7_mbjIdhtYDfwggC1iiKwLh9gee3MQVFjCNFTiQnhC4CqeIEknDvsaxHyPJGKGwp1YBafth0vhG6rneM27gB7B95S7OrF5AMzW_OoGyfPRDz1bjIoO8R6JNuBNJPgnf31Y39kbnXJmjyJWXOOqwyMg06PTfTTbX-foiEmOHtGq1GZKLR8BEdVSxT2dWlKAGLutlp2E9_qVy0rwfUm3dMQnaNplTXP0KFiOe6pqGeETnINFaWaC0jjREdAvbpItF1tsY1JQ04ghNrC0K2P8SwxlrrxpJgK1Ui0pIAlJNRb-GNMIVYASynTl47xaWnpkBMH-HAmh8I2QsoCQ9GJ8OXf8o8v8LfOaPrTBLp_MHrVIpPzQo3vebqjQKft8NAph7qzczHieM7R43OMFfYbIvRg1jbed4dy9anGZIsMRzESYJ-mWwy1o5w87N96gwkt6t4JOliETkhuN4KNT3eivnV85Z1SAhOlZzpWl0lOweR7K6MBAqOseVQcs1_TW-6iwJAfthI2fb-nCWXdJWFg34h9FkNBpUP3phdlSzLrvkoUFYm20z1oTn9VOEHIZ8_PznU4dU36GlNTB8tLZApwbA9RYH4VubFNhSzqUZ-qF-AjWJV7GcoGO6MJ-8WCfj7HyRd7T4uXfUW80yPtWtUuC8lJnsf1-hiQJQjKAa-Dlmur6_lnbI2JfV0-eMVDC2ngFfgUWf-8xACPoytvdWEwLlbjUh_ctcDF9aCC2_wpdEh5qhZDdhQiM8GNx0XD1LHsTqkAZafDFbTkBVJs0JJ7bVo3dEBUm4Htq6f6vFEqreBh1u4yuXCxsrwy3nYiz1-ErtXGn9FwuGm0qcIi-4imYt11u6a909TorJq90STgldMQ6BYMe581LJHve8iR6A7gvJCc7zS0trFYZr07w5Uk57cfIpVZ9y4KpKjnbSP2rSlrD0upGI75wNBa5KrOJHbOBuPj83b8ashTyNpjwXWOv7xgVEAiB7i6CRcyfa6Eq82ejNDG8qFOuduX9HIGdQJOi-1oc9OwxfXZ9dDiaJjcMdMcWl6F7gjtu2afI1ylH0PbZ_KPTz2L_c-SJeQvs9wvvs9YJFs7zhaSeABBz&ap_size=3712&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.7.241 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:14 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
ac
www9.smartadserver.com/
129 B
522 B
XHR
General
Full URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1696003934137&pgdomain=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F&vph=412&vpw=734&gdpr_consent=&us_privacy=&schain=1.0%2C1!playbuzz.com%2C0012000001RFgGvAAL%2C1%2C%2C%2C&gdpr=1&vdmax=45
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:13 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://nypost.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
apstag.js
c.amazon-adsystem.com/aax2/ Frame 5B59
255 KB
63 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 15:28:02 GMT
content-encoding
gzip
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 b8d6320dae849a3360537a2233718764.cloudfront.net (CloudFront)
last-modified
Thu, 21 Sep 2023 19:18:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, MUC50-C1
age
2653
x-amz-server-side-encryption
AES256
etag
W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
utJ6hRuJGCwsBueXfYs6d-z1xw1gzRPDul4_ooc6FQA9m8cE_g8s_g==
expb.js
cdn.ex.co/prebid/production/release/1.6.1/latest/ Frame 74A3
556 KB
182 KB
Script
General
Full URL
https://cdn.ex.co/prebid/production/release/1.6.1/latest/expb.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2046beec32566b904b4f546fb3ce9e594af6a83e54bcaf1d8796a262815d28bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:14 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
186076
last-modified
Sun, 13 Aug 2023 08:45:50 GMT
server
AmazonS3
etag
"be8d34dd7ac3b657405a45f59f1a5aa3"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Fri, 06 Oct 2023 16:12:14 GMT
landscape0fb9c8ef-2957-4427-b661-61e0524c1be1_1695312578389.mp4
large-img.ex.co/video/upload/c_scale,w_800/v1690196540/
712 KB
0
Media
General
Full URL
https://large-img.ex.co/video/upload/c_scale,w_800/v1690196540/landscape0fb9c8ef-2957-4427-b661-61e0524c1be1_1695312578389.mp4
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-cld-original-filename
4iAMHQk9-fJbDEVqk
date
Fri, 29 Sep 2023 16:12:14 GMT
x-amz-meta-cld-surrogate-reporting
width=800,height=450,abps=41227,fps=24.0,du=120.094,vc="h264",bytes=4951158,owidth=1920,oheight=1080,oabps=174298,ofps=24.0,odu=120.093,ovc="h264",obytes=20932049,oformat="mp4"
x-amz-request-id
RSTS31F6T5FQTXGS
x-amz-meta-cld-transformation-id
6689139806058034417
x-amz-server-side-encryption
AES256
x-amz-meta-cld-version
1695312582
Content-Range
bytes 0-4951157/4951158
x-amz-meta-cld-surrogate-key
502196356127915965195966619054958153653 295080953872673752238392952027982591845
Content-Length
4951158
x-amz-id-2
qBBm021+5Fyj5pVjjA3+mCroUFcoyxXX51BGajApq9sVjMVA97NvDptrHUgwqwLPVeqmfFn1zPQ=
last-modified
Thu, 21 Sep 2023 16:10:35 GMT
server
AmazonS3
etag
"e3d6d019893db7ce5ad02d75f6ea8d30"
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
cache-control
public, max-age=30844921
accept-ranges
bytes
3105
config.aps.amazon-adsystem.com/configs/ Frame 5B59
505 B
772 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/3105
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-114.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
dc29b5873f4103d961b4ce1ead0d695cd22a496e90d66613e570247f4629cc9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 15:57:16 GMT
via
1.1 432282689bafd802e8ec9636c256a3b0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P1
age
898
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
St1EwVuuNGT01QTQlsyaEiqxRFOL9LwRL_r6jLRl6RcgxQI5zkgIYg==
config
c.amazon-adsystem.com/cdn/prod/ Frame 5B59
177 B
531 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3105&u=https%3A%2F%2Fnypost.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
Server /
Resource Hash
52a6c0dc3a72a1f3b7202d7f33fdb147db367ce8b44f86e791814a9f079a5735

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 11:22:49 GMT
via
1.1 b8d6320dae849a3360537a2233718764.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-C1
age
17364
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://nypost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
177
x-amz-cf-id
TpZ5ormdD-tHNP8MhbkW09ZipN1h1JaQcCPXZYI6Z3RiS-ewCI1DIA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5B59
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-87-107.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 2d469870f5a756385a1eb37325629a1e.cloudfront.net (CloudFront)
date
Fri, 29 Sep 2023 05:00:28 GMT
x-amz-cf-pop
MUC50-C1
age
40307
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
f5q7x7wPdZwUwuPOyCA3IeJPuIi71nNWR3hSlJ8gaXi8yoFaUVw8Gg==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 5B59
64 B
499 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3105&u=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&pid=pyADFk3z6mejC&cb=0&ws=1600x1200&v=23.919.1525&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A600%2C%22id%22%3A%22exco_instream%22%2C%22mt%22%3A%22v%22%7D%5D&gdpre=1&gdprc=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.191.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-191-32.muc50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:14 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 0c9e9d172625986c065b7bb9836e5d08.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P4
x-amz-rid
Z9AVSM1NR1DRETEK4EW5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
uAL513E1MteadjHJJLrrgxfaoZYtu4YbDvsoZQD4ZVYn8ODmZqCInQ==
shim.gif
creatives.sascdn.com/
43 B
388 B
Image
General
Full URL
https://creatives.sascdn.com/shim.gif
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:14 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
AkamaiNetStorage
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sat, 28 Sep 2024 16:12:14 GMT
events
e.channelexco.com/
0
247 B
Ping
General
Full URL
https://e.channelexco.com/events
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.19.226.131 New York, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:14 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
mut
ghb.adtelligent.com/adunit/ Frame FA0E
0
227 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.flourstech.com
URL: https://p.flourstech.com/prebidlink/y19629/hbw_master_307825_12915.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.flourstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.flourstech.com
Date
Fri, 29 Sep 2023 16:12:14 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
mut
ghb.adtelligent.com/adunit/ Frame 0F6D
0
224 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/y19629/hbw_master_307825_11596.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.medocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.medocdn.com
Date
Fri, 29 Sep 2023 16:12:14 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
SPug
simage4.pubmatic.com/AdServer/ Frame F203
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
multitracking
ghb.spotim.market/adunit/ Frame 2057
0
221 B
XHR
General
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://nypost.com
Date
Fri, 29 Sep 2023 16:12:13 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
multitracking
ghb.spotim.market/adunit/ Frame E5B6
0
221 B
XHR
General
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/vVHn6/hbw_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://nypost.com
Date
Fri, 29 Sep 2023 16:12:13 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame 2057
89 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 30 Sep 2023 16:12:15 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7772
1 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84466516&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7c69be9ed282fddb55f79b28a2a2816b9116a4357ac84e4c34591005c538233a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 29 Sep 2023 16:12:13 GMT
content-length
1421
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame EA04
35 B
600 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 29 Sep 2023 16:12:15 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 0FE1
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0aaca1aa10ee75d6/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaggjgbggbannTVQU&gdpr=0&gdpr_consent=
42 B
280 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaggjgbggbannTVQU&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JaggjgbggbannTVQU&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame 6AEF
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 29 Sep 2023 16:12:15 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame AD77
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B7D66492643D4D7DA9C652C79BA77048&gdpr=0&gdpr_consent=
1 B
53 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B7D66492643D4D7DA9C652C79BA77048&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 29 Sep 2023 16:12:15 GMT
expires
Thu, 28 Sep 2023 16:12:15 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:B7D66492643D4D7DA9C652C79BA77048&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 573A
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6847846759
70 B
148 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6847846759
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 29 Sep 2023 16:12:15 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 29 Sep 2023 16:12:15 GMT
etag
RX12b490af480f4f24bca2d4d621dc4945003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6847846759
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
csync
sync.adtelligent.com/ Frame 97E7
43 B
473 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 29 Sep 2023 16:12:14 GMT
Etag
a2ca1699388480ce
Server
Adtelligent
mw
mwzeom.zeotap.com/ Frame 7772
95 B
439 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:15 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
80e581b33b409b88-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 7772
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:28 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:27 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 7772
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=03a241d66b1bdffb/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://spl.zeotap.com/?zdid=1332&zcluid=03a241d66b1bdffb
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=7cecba7d-cdaa-472e-6d2e-893fa342ee09&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGPt1RZPcArLb9P-D4QkK9U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=7cecba7d-cdaa-472e-6d2e-893...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEGPt1RZPcArLb9P-D4QkK9U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=7cecba7d-cdaa-472e-6d2e-893fa342ee09&zcluid=03a241d66b1bdffb&zdid=1332
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:15 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
80e581b45ccc9b88-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEGPt1RZPcArLb9P-D4QkK9U&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=7cecba7d-cdaa-472e-6d2e-893fa342ee09&zcluid=03a241d66b1bdffb&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7772
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7860270711371651961
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7860270711371651961
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 29 Sep 2023 16:12:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:15 GMT
an-x-request-uuid
ea6275c9-b862-45f6-8f4e-9f0955f07123
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7860270711371651961
x-proxy-origin
185.213.155.151; 185.213.155.151; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame E5B6
89 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 30 Sep 2023 16:12:15 GMT
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame 2057
89 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 30 Sep 2023 16:12:15 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F203
47 B
167 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5350865&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 29 Sep 2023 16:12:13 GMT
content-length
47
content-type
text/html; charset=UTF-8
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame E5B6
89 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 30 Sep 2023 16:12:15 GMT
csync
sync.adtelligent.com/ Frame 76BB
43 B
473 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 29 Sep 2023 16:12:14 GMT
Etag
a2ca1699388480ce
Server
Adtelligent
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame 0F6D
89 KB
29 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 30 Sep 2023 16:12:15 GMT
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame 0F6D
89 KB
29 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 30 Sep 2023 16:12:15 GMT
setuid
sync.ex.co/v1/ Frame 07E6
86 B
690 B
Document
General
Full URL
https://sync.ex.co/v1/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
content-length
86
content-type
image/png
date
Fri, 29 Sep 2023 16:12:15 GMT
vary
Origin
setuid
sync.ex.co/v1/ Frame C805
86 B
690 B
Document
General
Full URL
https://sync.ex.co/v1/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&uid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.89.18.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-89-18-112.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
content-length
86
content-type
image/png
date
Fri, 29 Sep 2023 16:12:15 GMT
vary
Origin
events
collector.ex.co/main/
17 B
154 B
XHR
General
Full URL
https://collector.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/28b907db-50ab-433d-bf84-4da2d60824bc?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.181.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-181-145.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 16:12:16 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=p.flourstech.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://p.flourstech.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://p.flourstech.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 29 Sep 2023 16:12:15 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
200654
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame FA0E
2 B
374 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=p.flourstech.com&cw=1&lsw=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_12915.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.flourstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://p.flourstech.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
176791
expires
0
prebid
id5-sync.com/api/config/ Frame FA0E
135 B
545 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_12915.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.flourstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.flourstech.com
date
Fri, 29 Sep 2023 16:12:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame FA0E
43 B
317 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_12915.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://p.flourstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://p.flourstech.com
cache-control
no-cache
x-server
10.45.24.108
access-control-allow-credentials
true
content-length
43
expires
0
/
spl.zeotap.com/ Frame 1F55
8 KB
2 KB
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_12915.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa6fd75aabfffb13754734b9ce1320f958557c46217a73c333222b74c85e9595
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://p.flourstech.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://p.flourstech.com
cf-cache-status
DYNAMIC
cf-ray
80e581bc08319b88-FRA
content-encoding
br
content-type
text/html
date
Fri, 29 Sep 2023 16:12:16 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=nypost.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 29 Sep 2023 16:12:16 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
193273
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 2057
2 B
369 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=nypost.com&cw=1&pbt=1&lsw=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
207732
expires
0
prebid
id5-sync.com/api/config/ Frame 2057
135 B
539 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 2057
43 B
312 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://nypost.com
cache-control
no-cache
x-server
10.45.25.32
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 2057
63 B
417 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e32de62a47c98905b080b0e8ef3230ae8bfe758c77840282aee65c492c23ddcf

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 29 Oct 2023 16:12:16 GMT
isyn
prebid.a-mo.net/ Frame AB4A
551 B
470 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
5fd4069dcaa7ea847aab3c8e49f359986f01d15bcc70ca0a2cc93ebd9ab8bf29

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
403
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:15 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5752
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=167267
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 29 Sep 2023 16:12:16 GMT
expires
Sun, 01 Oct 2023 14:40:03 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame DF00
0
0
Document
General
Full URL
https://ap.lijit.com/beacon?gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&informer=13399841
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Fri, 29 Sep 2023 16:12:16 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
csync
sync.spotim.market/ Frame F734
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 29 Sep 2023 16:12:16 GMT
Etag
a2ca1699388480ce
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
e3171e18-62d6-48ca-a522-3c1b3f3eadb1
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:16 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
185.213.155.151; 185.213.155.151; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
/
onetag-sys.com/usync/ Frame D6BB
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4993
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=167267
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 29 Sep 2023 16:12:16 GMT
expires
Sun, 01 Oct 2023 14:40:03 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 9AD6
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1104
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
80e581bcae8a1901-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 29 Sep 2023 16:12:16 GMT
expires
Fri, 29 Sep 2023 20:12:16 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame A86B
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 29 Sep 2023 16:12:16 GMT
X-Sovrn-Pod
ad_ap7ams1
usync.html
eus.rubiconproject.com/ Frame 2E31
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 29 Sep 2023 16:12:16 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 2057
43 B
320 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=751324&extuid=${USER_ID}&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:16 GMT
Server
Adtelligent
Etag
a2ca1699388480ce
Content-Length
43
Content-Type
image/gif
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=p.medocdn.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://p.medocdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://p.medocdn.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 29 Sep 2023 16:12:15 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
170618
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 0F6D
2 B
371 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=p.medocdn.com&cw=1&pbt=1&lsw=1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.medocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://p.medocdn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
218990
expires
0
prebid
id5-sync.com/api/config/ Frame 0F6D
135 B
542 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.medocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.medocdn.com
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 0F6D
43 B
315 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://p.medocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://p.medocdn.com
cache-control
no-cache
x-server
10.45.22.122
access-control-allow-credentials
true
content-length
43
expires
0
sync-all.html
adxbid.info/ Frame D435
7 KB
3 KB
Document
General
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://p.medocdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80e581bce97018db-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:16 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4O4HdRo3ccKgujPAGDYCIkQBIDV89YkQGUePNypbw1WOMaQ4%2FK%2FXeV3Ku%2Bem2qls4oRHgnVn1lMJ4iz2ssxGmjo2QzoPQfwVMfJL1MCpe%2FNKQ7LcLl23kGYkHFe7aaYjoGA8HpOqjri8KA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
spl.zeotap.com/ Frame C7ED
760 B
805 B
Document
General
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc4738a002c01eebc4e8a02b9483688c8c450f27f017d41be18073c199b73261
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://p.medocdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://p.medocdn.com
cf-cache-status
DYNAMIC
cf-ray
80e581bc589d9b88-FRA
content-encoding
br
content-type
text/html
date
Fri, 29 Sep 2023 16:12:16 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=nypost.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 29 Sep 2023 16:12:16 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
302015
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame E5B6
2 B
368 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnypost.com%2F&domain=nypost.com&cw=1&pbt=1&lsw=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
198371
expires
0
prebid
id5-sync.com/api/config/ Frame E5B6
135 B
539 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame E5B6
43 B
313 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://nypost.com
cache-control
no-cache
x-server
10.45.2.150
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame E5B6
63 B
417 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e32de62a47c98905b080b0e8ef3230ae8bfe758c77840282aee65c492c23ddcf

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 29 Oct 2023 16:12:16 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 56AF
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1104
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
80e581bcae911901-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 29 Sep 2023 16:12:16 GMT
expires
Fri, 29 Sep 2023 20:12:16 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 58BE
551 B
458 B
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
5fd4069dcaa7ea847aab3c8e49f359986f01d15bcc70ca0a2cc93ebd9ab8bf29

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
403
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:16 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
0
syncpixel.html
cdn.deepintent.com/ Frame A65C
2 KB
3 KB
Document
General
Full URL
https://cdn.deepintent.com/syncpixel.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.16.136 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
136.16.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8b280cefef6fb0b9a2afd13379325c5a97441571c0756a17b461238973aa2242

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
856
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
2178
content-type
text/html
date
Fri, 29 Sep 2023 15:58:00 GMT
etag
"132d7c71dbfb6624f05d37c846072bf8"
last-modified
Mon, 07 Nov 2022 09:28:43 GMT
server
UploadServer
x-goog-generation
1667813323196150
x-goog-hash
crc32c=nI96+A== md5=Ey18cdv7ZiTwXTfIRgcr+A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2178
x-guploader-uploadid
ADPycdsVkf04gu65VCYPpD4gvtKv8GxybCfRCuDXiDOrHhgk2iGsw5_iIFIaN-q0Up17UNAyfLnB0aVpXTZhlafxhVPTlF5FlnhV
csync
sync.spotim.market/ Frame 58B0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B
Document
General
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 29 Sep 2023 16:12:16 GMT
Etag
a2ca1699388480ce
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
78d7b506-ea57-4e69-a83e-b3b7124a484c
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 29 Sep 2023 16:12:16 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=7860270711371651961&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
185.213.155.151; 185.213.155.151; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
/
onetag-sys.com/usync/ Frame FEC5
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame C775
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?gdpr=true&cmp_cs=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 29 Sep 2023 16:12:16 GMT
pixel
ap.lijit.com/ Frame ED90
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 29 Sep 2023 16:12:16 GMT
X-Sovrn-Pod
ad_ap7ams1
usync.html
eus.rubiconproject.com/ Frame EEB0
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 29 Sep 2023 16:12:16 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B276
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=167267
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 29 Sep 2023 16:12:16 GMT
expires
Sun, 01 Oct 2023 14:40:03 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame F329
0
0
Document
General
Full URL
https://ap.lijit.com/beacon?gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&informer=13399841
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Fri, 29 Sep 2023 16:12:16 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
csync
sync.adtelligent.com/ Frame E5B6
43 B
320 B
Image
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=751324&extuid=${USER_ID}&gdpr=[replace_me]&gdpr_consent=[replace_me]&gpp=[replace_me]&gpp_sid=[replace_me]
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:16 GMT
Server
Adtelligent
Etag
a2ca1699388480ce
Content-Length
43
Content-Type
image/gif
csync
sync.spotim.market/ Frame AB4A
43 B
165 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=&us_privacy=1---&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:16 GMT
Server
Adtelligent
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame AB4A
32 B
145 B
Script
General
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
via
1.1 60fd3afb7c20a7d618acbcbd60640b2e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
MXP53-P1
age
506
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32
last-modified
Thu, 17 Aug 2023 15:48:19 GMT
server
cloudflare
etag
"a8b2f555a0227aec5e980e5ec98f6d15"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
80e581bcaff96922-FRA
x-amz-cf-id
UaQUUwMj1W8cM_l92XsbrUr0wfNsYpFyTOT0bDAM_4AJbRodI7W9Eg==
expires
Fri, 29 Sep 2023 17:12:16 GMT
getuid
ib.adnxs.com/ Frame 1F55
0
0
Image
General
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

mw
mwzeom.zeotap.com/ Frame 1F55
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=9cddcaa5-9efa-49cc-a7f4-9e8c65acfe47&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac...
95 B
215 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=9cddcaa5-9efa-49cc-a7f4-9e8c65acfe47&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581be3b829b88-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=9cddcaa5-9efa-49cc-a7f4-9e8c65acfe47&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 1F55
0
453 B
Image
General
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 1F55
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D32b7898d-121f-4c79-4f7e-bfda3da020ea%26reqId%3D001254a7-368e-40ac-53bf-877839c237c8%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
server
Kestrel
content-length
70
content-type
image/gif
cm
trc.taboola.com/sg/zeotap/1/ Frame 1F55
0
203 B
Image
General
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Fri, 29 Sep 2023 16:12:16 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230031-FRA
server
nginx
x-timer
S1696003937.820777,VS0,VE8
x-fastly-to-nlb-rtt
7143
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 1F55
Redirect Chain
  • https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1368&env=mWeb&cid=umv1b41_7284281978830276197&gdpr=${GDPR_ENFORCED}&gdpr_consent=${GDPR_CONSENT}
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1368&env=mWeb&cid=umv1b41_7284281978830276197&gdpr=${GDPR_ENFORCED}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581bfbdbc9b88-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 16:12:17 GMT
X-Fw-Request-Id
umeb794_1696003937003197716
Content-Type
text/html
Location
https://mwzeom.zeotap.com/mw?zpartnerid=1368&env=mWeb&cid=umv1b41_7284281978830276197&gdpr=${GDPR_ENFORCED}&gdpr_consent=${GDPR_CONSENT}
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1F55
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D32b7898d-121f-4c79-4f7e-bfda3da020ea%26reqId%3D001254a7-368e-40ac-53bf-877839c237c8%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 29 Sep 2023 16:12:15 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame 1F55
0
0

mw
mwzeom.zeotap.com/ Frame 1F55
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=32b7898d-121f-4c79-4f7e-bfda3da020ea&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=32b7898d-121f-4c79-4f7e-bfda3da020ea&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=25286724204748010433476786795033725090&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=25286724204748010433476786795033725090&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581be6bd99b88-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v050-03af3081a.edge-irl1.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
+WCda25pQLQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=25286724204748010433476786795033725090&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 1F55
0
324 B
Image
General
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 1F55
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=32b7898d-121f-4c79-4f7e-bfda3da020ea&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023092918-25390-0.873094001696003936-c3ccad6c62ad2816be53f07f411006d7&zdid=533&env=mWeb
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2023092918-25390-0.873094001696003936-c3ccad6c62ad2816be53f07f411006d7&zdid=533&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581be0b259b88-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2023092918-25390-0.873094001696003936-c3ccad6c62ad2816be53f07f411006d7&zdid=533&env=mWeb
Date
Fri, 29 Sep 2023 16:12:16 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 1F55
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7284281421854144659&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=7284281421854144659&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581bd4a179b88-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7284281421854144659&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Date
Fri, 29 Sep 2023 16:12:16 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 1F55
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=32b7898d-121f-4c79-4f7e-bfda3da020ea
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=32b7898d-121f-4c79-4f7e-bfda3da020ea
95 B
436 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=32b7898d-121f-4c79-4f7e-bfda3da020ea
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=32b7898d-121f-4c79-4f7e-bfda3da020ea
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 1F55
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=32b7898d-121f-4c79-4f7e-bfda3da020ea&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=WEzhwIP9WoV5fc3oGHdPl.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?webouuid=WEzhwIP9WoV5fc3oGHdPl.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581bd9a8d9b88-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:15 GMT
via
1.1 google
last-modified
Fri, 29 Sep 2023 16:12:16 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=WEzhwIP9WoV5fc3oGHdPl.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 1F55
0
84 B
Image
General
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=32b7898d-121f-4c79-4f7e-bfda3da020ea&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.82 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:16 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 1F55
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=32b7898d-121f-4c79-4f7e-bfda3da020ea?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581bdaa9f9b88-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
cache-control
no-cache
x-server
10.45.25.152
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 1F55
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-HVHSM2JE2ooFVSxqkSRyi3D2uRL_leEA.A--~A&zpartnerid=570&env=mWeb
95 B
177 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=y-HVHSM2JE2ooFVSxqkSRyi3D2uRL_leEA.A--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581be2b789b88-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-HVHSM2JE2ooFVSxqkSRyi3D2uRL_leEA.A--~A&zpartnerid=570&env=mWeb
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 1F55
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vNC4LqiYtfNTObPBR%2Bib8zncsR%2FlVPH5%2BS41iYitP1U%3D
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vNC4LqiYtfNTObPBR%2Bib8zncsR%2FlVPH5%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581be6bd49b88-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:16 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=vNC4LqiYtfNTObPBR%2Bib8zncsR%2FlVPH5%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 1F55
42 B
213 B
Image
General
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=32b7898d-121f-4c79-4f7e-bfda3da020ea&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 1F55
0
337 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.183.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-183-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-served-by
beacon-n024-dub-prod.krxd.net
date
Fri, 29 Sep 2023 16:12:17 GMT
cache-control
private, no-cache, no-store
x-request-time
D=49 t=1696003937
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 1F55
0
0

mw
mwzeom.zeotap.com/ Frame 1F55
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZRb3XAAQzh9rdABV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZRb3XAAQzh9rdABV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581bdfb189b88-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-fra-eddf8230078-FRA
pragma
no-cache
date
Fri, 29 Sep 2023 16:12:16 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1696003937.784858,VS0,VE92
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZRb3XAAQzh9rdABV&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame 1F55
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c2...
0
336 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
18.203.183.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-183-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-served-by
beacon-n006-dub-prod.krxd.net
date
Fri, 29 Sep 2023 16:12:17 GMT
cache-control
private, no-cache, no-store
x-request-time
D=42 t=1696003937
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
date
Fri, 29 Sep 2023 16:12:17 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a015-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1F55
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=32b7898d-121f-4c79-4f7e-bfda3da020ea&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=32b7898d-121f-4c79-4f7e-bfda3da020ea&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7...
43 B
568 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=32b7898d-121f-4c79-4f7e-bfda3da020ea&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
67.220.226.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 16:12:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1R0625D7K44SM3DCCXP3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 29 Sep 2023 16:12:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7DSCSYA6J5NGYW6S11KK
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=32b7898d-121f-4c79-4f7e-bfda3da020ea&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 1F55
0
145 B
Image
General
Full URL
https://tags.bluekai.com/site/87734?id=32b7898d-121f-4c79-4f7e-bfda3da020ea&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 1F55
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D32b...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
95 B
329 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581be6be29b88-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
date
Fri, 29 Sep 2023 16:12:17 GMT
cross-origin-resource-policy
cross-origin
content-length
0
token
pixel.rubiconproject.com/ Frame 1F55
0
214 B
Image
General
Full URL
https://pixel.rubiconproject.com/token?pid=41544&puid=32b7898d-121f-4c79-4f7e-bfda3da020ea&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncd
x.bidswitch.net/ Frame 1F55
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=32b7898d-121f-4c79-4f7e-bfda3da020ea&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D32b7898d-121f-4c79-4f7e-bfda3da020ea%26reqId%3D001254a7-368e-40ac-53bf-877839c237c8%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.55.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-55-175.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame 1F55
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581bce9669b88-FRA
access-control-allow-headers
*
content-length
95
mw
mwzeom.zeotap.com/ Frame 1F55
Redirect Chain
  • https://cms.quantserve.com/pixel/p-2vLHuZkZPAz2_.gif?idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=32b7898d-121f-4c79-4f7e-bfda3da020ea&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_...
  • https://mwzeom.zeotap.com/mw?cid=WOUtJgjnKXNDtC9xDOExdF7jKiFD4HoiXbYFfB5S&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=32b7898d-121f-4c7...
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=WOUtJgjnKXNDtC9xDOExdF7jKiFD4HoiXbYFfB5S&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=32b7898d-121f-4c79-4f7e-bfda3da020ea&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581bd5a1f9b88-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://mwzeom.zeotap.com/mw?cid=WOUtJgjnKXNDtC9xDOExdF7jKiFD4HoiXbYFfB5S&env=mWeb&zpartnerid=1875&gdpr=1&gdpr_consent=&idmatch=0&initiator=zt&gdpr=1&gdpr_consent=&partner_user_id=32b7898d-121f-4c79-4f7e-bfda3da020ea&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
cmp.min.js
spl.zeotap.com/ Frame 1F55
557 B
416 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee44adfff51a9defed563faa1fbc8eb8f5d5e8aa565b0ca41e1d99b98d99cf77
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581be6bcc9b88-FRA
access-control-allow-headers
*
v1
lb.eu-1-id5-sync.com/lb/ Frame FA0E
33 B
403 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_12915.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
35885abf1497c8fff53e54036b502e3557d612c32f902891e36c587c7b353b66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.flourstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.flourstech.com
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 2E31
35 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
07ad1a974c4743ab62ae8ea5c6f87c8ac1d7a5c2f56428a0b428bf7d709dc9ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Sep 2023 14:46:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81176
Connection
keep-alive
Content-Length
10475
Expires
Sat, 30 Sep 2023 14:45:12 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 2057
33 B
397 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
35885abf1497c8fff53e54036b502e3557d612c32f902891e36c587c7b353b66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
mw
mwzeom.zeotap.com/ Frame C7ED
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D32b...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=eacd8d35-50d2-4b8e-5249-48e8fddcd750&zdid=1361
95 B
154 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=eacd8d35-50d2-4b8e-5249-48e8fddcd750&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581be3b8b9b88-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=eacd8d35-50d2-4b8e-5249-48e8fddcd750&zdid=1361
date
Fri, 29 Sep 2023 16:12:16 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame C7ED
95 B
171 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=eacd8d35-50d2-4b8e-5249-48e8fddcd750&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581bce9699b88-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame C7ED
557 B
452 B
Script
General
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=eacd8d35-50d2-4b8e-5249-48e8fddcd750&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
619699049d02f5501385b38248e291a16ccd4a43479a77f5e685a70d9a98f93b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
80e581bd39e49b88-FRA
access-control-allow-headers
*
usync.js
eus.rubiconproject.com/ Frame EEB0
35 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
07ad1a974c4743ab62ae8ea5c6f87c8ac1d7a5c2f56428a0b428bf7d709dc9ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Sep 2023 14:46:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=81176
Connection
keep-alive
Content-Length
10475
Expires
Sat, 30 Sep 2023 14:45:12 GMT
csync
sync.spotim.market/ Frame 58BE
43 B
165 B
Image
General
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=&us_privacy=1---&gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 16:12:16 GMT
Server
Adtelligent
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame 58BE
32 B
95 B
Script
General
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
via
1.1 60fd3afb7c20a7d618acbcbd60640b2e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
MXP53-P1
age
506
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32
last-modified
Thu, 17 Aug 2023 15:48:19 GMT
server
cloudflare
etag
"a8b2f555a0227aec5e980e5ec98f6d15"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
80e581bcf8696922-FRA
x-amz-cf-id
UaQUUwMj1W8cM_l92XsbrUr0wfNsYpFyTOT0bDAM_4AJbRodI7W9Eg==
expires
Fri, 29 Sep 2023 17:12:16 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 0F6D
33 B
400 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
35885abf1497c8fff53e54036b502e3557d612c32f902891e36c587c7b353b66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.medocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.medocdn.com
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lb.eu-1-id5-sync.com/lb/ Frame E5B6
33 B
397 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
35885abf1497c8fff53e54036b502e3557d612c32f902891e36c587c7b353b66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
track
track1.aniview.com/ Frame 60F9
0
120 B
Ping
General
Full URL
https://track1.aniview.com/track?r=nypost.com&sn=&cd1=sp_Sx8YukwE&cd2=Desktop&cd3=reactions&cd4=6198326e-04fd-449f-9ad6-65ceed664b52&cd5=diXpSNciN_G3ukGMFr42KUsCtxx8zaLYXBoXZ01RTGC4mfF37KibfkgiigdshE8W&cd6=tier1-conv3&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=5850&cd10=v22.5.0&cd11=B&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.130&apppkg=&fv=1&proto=https&clsid=a1ad5856-987c-419d-8f30-76b9d69e3593&rando=68
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.219.93.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-93-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 16:12:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
692.json
id5-sync.com/g/v2/ Frame FA0E
276 B
687 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_12915.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
dfd11981d1f9dcfabd4e0a4c64673acbe48d518b9914c12b02e73b91c4fe2a88
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.flourstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.flourstech.com
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame 2E31
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
track
track1.aniview.com/ Frame F5AE
0
120 B
Ping
General
Full URL
https://track1.aniview.com/track?r=nypost.com&sn=&cd1=sp_Sx8YukwE&cd2=Desktop&cd3=independent_ad&cd4=6198326e-04fd-449f-9ad6-65ceed664b52&cd5=diXpSNciN_G3ukGMFr42KUsCtxx8zaLYXBoXZ01RTGC4mfF37KibfkgiigdshE8W&cd6=tier1-conv3&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=5850&cd10=v22.5.0&cd11=B&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=300&he=169&test=&d36=6.2.130&apppkg=&fv=1&proto=https&clsid=dae0eae5-ae43-40fb-825a-8f6011a3d142&rando=94
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.219.93.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-93-175.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 16:12:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
692.json
id5-sync.com/g/v2/ Frame 2057
276 B
681 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
fb349d715fda61d42d1f621bdcfaa1d5e17a79abda601efdcc9a91bdff1cd527
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
692.json
id5-sync.com/g/v2/ Frame E5B6
276 B
681 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_10247.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
fe944b5d716034a8578b77b7f2a66c4969902cc4c9d75e805d4119d2b83ee60d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
692.json
id5-sync.com/g/v2/ Frame 0F6D
276 B
684 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
85f08844af333b57ba0296fcc5ac9a68d7367a2a4bde4d6677d82e952b75ee3f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.medocdn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.medocdn.com
date
Fri, 29 Sep 2023 16:12:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame EEB0
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
108
match.deepintent.com/usersync/ Frame A65C
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/108
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
content-length
0
server
c
112
match.deepintent.com/usersync/ Frame A65C
0
39 B
Image
General
Full URL
https://match.deepintent.com/usersync/112
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
content-length
0
server
c
150
match.deepintent.com/usersync/ Frame A65C
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/150
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
content-length
0
server
c
121
match.deepintent.com/usersync/ Frame A65C
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/121
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
content-length
0
server
c
126
match.deepintent.com/usersync/ Frame A65C
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/126
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
content-length
0
server
c
129
match.deepintent.com/usersync/ Frame A65C
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/129
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
content-length
0
server
c
147
match.deepintent.com/usersync/ Frame A65C
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/147
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
content-length
0
server
c
106
match.deepintent.com/usersync/ Frame A65C
0
16 B
Image
General
Full URL
https://match.deepintent.com/usersync/106
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
content-length
0
server
c
getuid
eb2.3lift.com/ Frame D435
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/getuid?limit=50&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
usermatch
ssum-sec.casalemedia.com/ Frame 1A07
54 B
494 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80e581be5aab3737-FRA
content-encoding
br
content-type
text/html
date
Fri, 29 Sep 2023 16:12:17 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seXZs96mxpKqaUKZ7lXs2ZMl4zBaL1v0JFk%2FTLXwoGbBdWTz4%2F%2FJMOdFMjh9tUAE9yR8xvJmZFU2wJqqbZdR43EB40%2FjMlW%2BTyDfVP%2B%2Fr8N7aECLmtudoqW6hGrrmYR0UoLCaKtBFau2%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 6DC1
54 B
488 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPy3MMAPy3MMAAcABBENDZCgAAAAAEPAACiQAAATHgGAAkABcAEUAKAAfgB4AEAAIQAyQCYYExQJjgKAgAIARQkAsACoAHAAQAA0ACYAI4AgABGACUgLzAZIFAAgBFCAAwAoAE7AWKGACgA9ACYAsUBjIDJA0AEAtAgAOACQAHoATACdgLFAYyAyQUAEACYAI4AeACxRUAEAtAwAGAEwARwA8B0AsACoAHAAQAA0ACYARgAlIBaAFigLzAZIPAAgBFHABAAmgBQAEcATshAFACYAI4AlIBaAFikAAQATQC0koAwAHAAmACOALQAsUBeZIAEAE0AtJSAUABUADgAIAAaABMAIwASkBYoC8wGSFQAIARSgAIAJoAjg.YAAACHgAAAAA&us_privacy=1---&d=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80e581be6ac83737-FRA
content-encoding
br
content-type
text/html
date
Fri, 29 Sep 2023 16:12:17 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NemejhrN%2FRYxPJ56nNC0DxzVGcZ0cnzHvj33GKjS%2F7fPzNwZiX7n7hp6s4LmCqMARof1MhTG36koBks0MIMSAUlQ%2BPGyW8kORp55XDJiUA0GLGKE9UmCMBA%2FQ7pAi5%2BXnWyWW7gDIFbw5w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
setuid
user-sync.adxpremium.services/ Frame D435
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=fbd1e80bdb968d3b84c47b7777f7d4610e26f7a358d5abad4685fd9aac2a3b13
86 B
564 B
Image
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=fbd1e80bdb968d3b84c47b7777f7d4610e26f7a358d5abad4685fd9aac2a3b13
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:18 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=fbd1e80bdb968d3b84c47b7777f7d4610e26f7a358d5abad4685fd9aac2a3b13
Pragma
no-cache
Date
Fri, 29 Sep 2023 16:12:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame
0
0
Preflight
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nypost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Fri, 29 Sep 2023 16:12:17 GMT
prebid
id5-sync.com/api/config/ Frame 74A3
136 B
540 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.6.1/latest/expb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
22cd820b748bdabf96448ca563642ddc782ba91756d5428113a23392839752ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame 74A3
0
249 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13963
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.6.1/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://nypost.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
id
id.crwdcntrl.net/ Frame 74A3
43 B
313 B
XHR
General
Full URL
https://id.crwdcntrl.net/id?gdpr_applies=false&us_privacy=1---
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.6.1/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:17 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://nypost.com
cache-control
no-cache
x-server
10.45.20.106
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame 74A3
63 B
417 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=343asog&fmt=json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.6.1/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
c139b7389c2e6953ef9d36218be7172678df1f3f05e70b3b93744d82434651f8

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 29 Oct 2023 16:12:17 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 74A3
36 B
484 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=509523
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.6.1/latest/expb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffff815a7c15040eb4bacfc51a11ee41385971177592c7ac0459a0f8852f0658

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vdPQyethChu9qkbWcEHcUBte2mOBkUfdWYQv%2BnW%2BIkFlPOCY%2BHA0fW74lKmWScGMkXZePaeNHZBQXbLCZiG%2FofBAN69OAWfE01rknN3pRPL9X5EPUEV5F%2BdEN6CjCQY9vU8pMTP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://nypost.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80e581bf6be83737-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 74A3
143 B
958 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.6.1/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
35309de8df4deca742ecbc655a788096cefbca681ab6b2ddc7c34745281d2f8c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:17 GMT
an-x-request-uuid
a84c56d9-b573-4e8e-b443-f762091d90d4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.151; 185.213.155.151; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
143
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ Frame 74A3
0
154 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.6.1/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.4.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-4-235.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:17 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
unruly_prebid
targeting.unrulymedia.com/ Frame 74A3
0
158 B
XHR
General
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.6.1/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://nypost.com
pragma
no-cache
date
Fri, 29 Sep 2023 16:12:17 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ Frame 74A3
19 B
522 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&tmax=3000&gdpr=false&us_privacy=1---
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.6.1/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.77.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-77-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:17 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 74A3
186 B
469 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.6.1/latest/expb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
629a22508d3d195c140d19788df0b9d8920bf3c65edf7ee74a4f86ccb58ba28f

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.130.0
Content-Type
application/json
access-control-allow-origin
https://nypost.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
ima3.js
imasdk.googleapis.com/js/sdkloader/
358 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
735fa4096e489f911f7a495f251f61c17a69c021622c5b904b9742be95be9f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125650
x-xss-protection
0
expires
Fri, 29 Sep 2023 16:12:17 GMT
v1
lb.eu-1-id5-sync.com/lb/ Frame 74A3
33 B
397 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.6.1/latest/expb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
35885abf1497c8fff53e54036b502e3557d612c32f902891e36c587c7b353b66
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
SPug
simage4.pubmatic.com/AdServer/ Frame 7772
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
1235.json
id5-sync.com/g/v2/ Frame 74A3
276 B
681 B
XHR
General
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.6.1/latest/expb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
1d7b1d575d6a20ad03467ec7580f7a4923c8e64e0922cb9a79cdb1655624ceb4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://nypost.com
date
Fri, 29 Sep 2023 16:12:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
bridge3.593.1_en.html
imasdk.googleapis.com/js/core/ Frame 0A2A
723 KB
232 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
147623
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
237116
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Sep 2023 23:11:54 GMT
expires
Thu, 26 Sep 2024 23:11:54 GMT
last-modified
Wed, 27 Sep 2023 23:10:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Sep 2023 16:12:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F367
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:06:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 29 Sep 2023 17:06:54 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 0A2A
124 B
125 B
XHR
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F94166617%2C5850%2Fca-video-pub-9790762811057699-tag%2FMCD_2.0_Ced_Desktop_nypost.com_5&description_url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F&min_ad_duration=1000&max_ad_duration=45000&sz=1x1%7C300x250%7C400x300%7C640x400%7C640x480&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=186205943152363&vdmax=45&cust_params=pf%3D2f169f9b4e6a&sdkv=h.3.593.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=3086866481&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.593.1&sid=DFB878CE-4501-46B4-A7F9-6093660F71B3&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797964%2C44801604&url=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&dlt=1696003927642&idt=10054&dt=1696003938038&scor=3774409347070419&ged=ve4_td10_tt0_pd10_la10000_er796.268.952.568_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
vid.vidoomy.com/ Frame A67E
49 KB
18 KB
Document
General
Full URL
https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Fri, 29 Sep 2023 16:12:18 GMT
etag
W/"64abbb76-c2af"
last-modified
Mon, 10 Jul 2023 08:04:06 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-age
805379
x-77-cache
HIT
x-77-nzt
AZySIYumL0L/A0oMAA
x-77-nzt-ray
cf8787273d4c8c1a62f7166577ec890a
x-77-pop
frankfurtDE
x-accel-date
1695198559
x-accel-expires
@1696235359
x-age
805379
x-cache
HIT
csi
csi.gstatic.com/ Frame 0A2A
0
0

csi
csi.gstatic.com/ Frame 0A2A
0
0

setuid
user-sync.adxpremium.services/ Frame D435
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&us_privacy=1---&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZRb3XP6crRPKPLFr5.UKNQAA%265282
86 B
696 B
Image
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZRb3XP6crRPKPLFr5.UKNQAA%265282
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:18 GMT
content-length
86
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wermRIDen1gvdf1JZS7qTCvji%2FCV3sV0aXxJeUiqki%2FBOi70ocNt%2B4KX7SMdlp1p%2BIQI%2FPxjInKYaP1GEXaD5I%2BXdh%2FC6W6LDABGeZfRDeTTSH0vHoavR3AGFbVPsWAGq4SFV81v"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZRb3XP6crRPKPLFr5.UKNQAA%265282
cache-control
no-cache
cf-ray
80e581c61db19b94-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
urlsvid.json
vpaid.vidoomy.com/sync/ Frame A67E
1 KB
854 B
XHR
General
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 -, , ASN (),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 29 Sep 2023 16:12:18 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
806832
x-accel-date
1695197106
x-77-nzt
AcO1rw6J7s//sE8MAA
x-accel-expires
@1696233906
x-77-age
806832
last-modified
Mon, 10 Jul 2023 08:02:46 GMT
server
CDN77-Turbo
etag
W/"64abbb26-479"
x-77-nzt-ray
90833930470a4b5062f7166558b21421
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
csync
sync.adtelligent.com/ Frame C672
43 B
473 B
Document
General
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 Staines-upon-Thames, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Fri, 29 Sep 2023 16:12:18 GMT
Etag
a2ca1699388480ce
Server
Adtelligent
landscape0fb9c8ef-2957-4427-b661-61e0524c1be1_1695312578389.mp4
large-img.ex.co/video/upload/c_scale,w_800/v1690196540/
3 MB
0
Media
General
Full URL
https://large-img.ex.co/video/upload/c_scale,w_800/v1690196540/landscape0fb9c8ef-2957-4427-b661-61e0524c1be1_1695312578389.mp4
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Range
bytes=720896-

Response headers

x-amz-meta-cld-original-filename
4iAMHQk9-fJbDEVqk
date
Fri, 29 Sep 2023 16:12:18 GMT
x-amz-meta-cld-surrogate-reporting
width=800,height=450,abps=41227,fps=24.0,du=120.094,vc="h264",bytes=4951158,owidth=1920,oheight=1080,oabps=174298,ofps=24.0,odu=120.093,ovc="h264",obytes=20932049,oformat="mp4"
x-amz-request-id
RSTS31F6T5FQTXGS
x-amz-meta-cld-transformation-id
6689139806058034417
x-amz-server-side-encryption
AES256
x-amz-meta-cld-version
1695312582
Content-Range
bytes 720896-4951157/4951158
x-amz-meta-cld-surrogate-key
502196356127915965195966619054958153653 295080953872673752238392952027982591845
Content-Length
4230262
x-amz-id-2
qBBm021+5Fyj5pVjjA3+mCroUFcoyxXX51BGajApq9sVjMVA97NvDptrHUgwqwLPVeqmfFn1zPQ=
last-modified
Thu, 21 Sep 2023 16:10:35 GMT
server
AmazonS3
etag
"e3d6d019893db7ce5ad02d75f6ea8d30"
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
cache-control
public, max-age=30844917
accept-ranges
bytes
transform
mcd-playlist.ex.co/api/v2/captions/
5 KB
5 KB
TextTrack
General
Full URL
https://mcd-playlist.ex.co/api/v2/captions/transform?url=https%3A%2F%2Fcdn.jwplayer.com%2Ftracks%2FT03yeq7g.srt
Requested by
Host: nypost.com
URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bcba14483ebee674102e1eb122afe16ad7270bac8b9045e1dab96258f9469ae5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Origin
https://nypost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
date
Fri, 29 Sep 2023 16:12:18 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
3335
x-cache
HIT
content-length
4697
x-served-by
cache-fra-eddf8230108-FRA
server
nginx
x-timer
S1696003939.556450,VS0,VE1
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A8C5
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=167265
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 29 Sep 2023 16:12:18 GMT
expires
Sun, 01 Oct 2023 14:40:03 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame D435
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 29 Sep 2023 16:12:18 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
user-sync.adxpremium.services/ Frame 7B27
86 B
836 B
Document
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Fri, 29 Sep 2023 16:12:18 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame D435
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50&us_privacy=1---
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
user-sync.adxpremium.services/ Frame D435
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&us_privacy=1---&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6257942833171685156
86 B
812 B
Image
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6257942833171685156
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:12:19 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=6257942833171685156
date
Fri, 29 Sep 2023 16:12:18 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
user-sync.adxpremium.services/ Frame 99B5
86 B
836 B
Document
General
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.192.201.180 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Fri, 29 Sep 2023 16:12:18 GMT
events
e.channelexco.com/
0
246 B
Ping
General
Full URL
https://e.channelexco.com/events
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.55.0-d55ac9d/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.19.226.131 New York, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 16:12:18 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=32b7898d-121f-4c79-4f7e-bfda3da020ea&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ln4sydmx&c=4137802657449&slotId=2068901328724.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ln4sye1z&c=4137802657449&slotId=2068901328724.5&uet=2&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797964%2C44801604

Verdicts & Comments Add Verdict or Comment

215 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| documentPictureInPicture object| OneTrustStub function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed function| OptanonWrapper object| ga4Dims function| gtag object| dataLayer function| nypGa object| __otccpaooLocation string| OnetrustActiveGroups string| OptanonActiveGroups function| __tcfapi object| otStubData object| nypScripts string| nypost_screen object| _wpemojiSettings object| twemoji object| wp object| otTCF object| otIabModule object| Optanon object| OneTrust object| webpackChunknypost_2016 object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate function| sprintf function| vsprintf object| nypAqfer string| usprivacy function| admiral object| googletag object| saasquatch_settings object| sailthru_vars string| ob_id object| OB_element object| OB_elements string| dimension21 function| nypGoogletag object| webpackChunknyp_slideshow_modal object| MicroModal object| nypZephr object| nypMembership object| zephr object| webpackChunknyp_membership function| _ object| core object| cj object| __OW_CONFIG__ object| webpackChunk_spotim_launcher object| TQ object| __SPOTIM__ function| FlipboardWidgets function| 4dm1r11545242527 object| STREAM_CONFIGS string| STREAM_ID object| __EXCO string| __EXCO_INTEGRATION_TYPE object| wpJsonpExCoStreamSdk function| onRecaptchaLoadCallback object| sharing_js_options undefined| windowOpen object| _stq object| google_conversion_id object| google_custom_params object| google_remarketing_only object| pbjs object| ProgrammaticBidding object| pbjsChunk object| _pbjsGlobals object| mnet object| mnjs string| nobidVersion object| nobid object| google_tag_data function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt function| st_go function| linktracker_init object| wpcom object| __OPEN_WEB__ object| google_tag_manager number| hits object| initialized number| lastVisit number| sessionLastVisit number| sessionStarted boolean| triggerFlag boolean| startChatFlag number| differenceInHours object| GlobalSnowplowNamespace function| snowplow boolean| __bt_already_invoked object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| noop object| mnjsWebpackJsonp object| rtd object| process string| pbPageIdentifier boolean| availablePlans object| SPOTIM string| __OW_ENV__ string| __SPOTIM_ENV__ string| __SPOTIMENV__ string| __SPOTIM_PAGE_VIEW_ID__ function| onYouTubeIframeAPIReady object| gaGlobal object| recaptcha object| closure_lm_369995 function| owActionQueue object| webpackChunknotifications function| __SPOTIM_DISABLE_ADS__ object| webpackChunkreactions object| webpackChunkconversation object| DD_LOGS function| avPlayer object| __SPOTIM_DEV_STORE__ object| wpJsonpExCoAdPlayer object| ID5 object| CEDATO_API object| storageAni object| CEDATO_TAG object| hadron boolean| __halo_loaded__ object| au object| __id5_instances object| criteo_syncframe_state object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| closure_lm_362175 object| closure_lm_540730

126 Cookies

Domain/Path Name / Value
nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources Name: exco-uid
Value: pun1nzdqlp301qu3
.info.illicitedge.com/ Name: __cf_bm
Value: Us.ag85d26GSYGN3i4pVyqe1DEd.5PvQ.rUY5VP0FtE-1696003926-0-AcJwqWaneCgpU61DxbzUPCIct05APoyjPBjzSV+wj4LZhPv4Eevch5TPJkTZRBRG6QxNEgKujefeJBqkm+kdWAM=
.info.illicitedge.com/ Name: __cfruid
Value: ecac60832a09130ee938d30756acf5fccefee6e3-1696003926
nypost.com/ Name: usprivacy
Value: 1---
.nypost.com/ Name: blaize_session
Value: 9d44eb92-a48b-462e-87a1-dc22d4619fdf
zephr-v4.nypost.com/ Name: AWSALB
Value: AX4zYP7I8IG8jbKqCz/0c8vX9qnmWnpvQSQ8o+PzagoX8anElGt/xLo1xrdFij28JppsbpWli2mHYnQoOel3BVy/1BslyHyfqicsNrolt+ptC2JhcUSvMEa6inIY
zephr-v4.nypost.com/ Name: AWSALBCORS
Value: AX4zYP7I8IG8jbKqCz/0c8vX9qnmWnpvQSQ8o+PzagoX8anElGt/xLo1xrdFij28JppsbpWli2mHYnQoOel3BVy/1BslyHyfqicsNrolt+ptC2JhcUSvMEa6inIY
.nypost.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Fri+Sep+29+2023+18%3A12%3A09+GMT%2B0200+(Central+European+Summer+Time)&version=6.39.0&hosts=&consentId=14d51551-8e38-43d4-913f-b8789b3a3552&interactionCount=0&landingPath=https%3A%2F%2Fnypost.com%2F2023%2F09%2F28%2Frussian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources%2F%3Futm_campaign%3DIllicit%2520Edge%2520Daily%26utm_medium%3Demail%26_hsmi%3D276331523%26_hsenc%3Dp2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA%26utm_content%3D276331523%26utm_source%3Dhs_email&groups=BG239%3A1%2CC0022%3A1%2CBG240%3A0%2CC0023%3A0%2CBG241%3A0%2CC0024%3A0%2CBG242%3A0%2CC0013%3A0%2CC0017%3A0%2CC0030%3A0%2CBG243%3A1%2CBG244%3A1%2CBG245%3A0%2C1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0%2C8%3A0%2C9%3A0%2CC0012%3A0%2CC0020%3A0%2CC0021%3A0%2CC0029%3A0%2CC0033%3A0
.nypost.com/ Name: _nyp_ses.64db
Value: *
.nypost.com/ Name: _nyp_id.64db
Value: .1696003929.1.1696003929..eec9ad98-1c78-4374-a055-602b3f19c6ef..d79d7203-f248-41db-93db-ea8fb839f844.1696003929460.1
.spot.im/ Name: device_uuid
Value: 02e9dadc-4ebb-4ba1-9543-548cf0cd031c
.nypost.com/ Name: _nyp_sp_id_
Value: 46903426-ef69-4819-b484-749603a03551
.nypost.com/ Name: _awl
Value: 2.1696003929.5-3f76c02ee775f4acd1599b756be89293-6763652d6575726f70652d7765737431-0
.nypost.com/ Name: _admrla
Value: 2.2-388192d1b6f63132-772162c7-5ede-11ee-96de-de7bc882c5d1
.nypost.com/ Name: spotim_visitId
Value: {%22visitId%22:%2202e9dadc-4ebb-4ba1-9543-548cf0cd031c%22%2C%22creationDate%22:%22Fri%20Sep%2029%202023%2018:12:09%20GMT+0200%20(Central%20European%20Summer%20Time)%22%2C%22duration%22:1}
.nypost.com/ Name: _pubcid
Value: 037b29b4-bd67-4367-80e5-b47965941b8e
.spot.im/ Name: access_token
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfcEk2cFBucksxeW8zIiwiZGlzcGxheV9uYW1lIjoiQ3lhblBpbiIsInVzZXJfbmFtZSI6IkN5YW5QaW4iLCJyZWdpc3RlcmVkIjpmYWxzZSwiaW1hZ2VfaWQiOiIjQ3lhbi1QaW4iLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfU3g4WXVrd0UiLCJsYXN0X2NoZWNrIjoxNjk2MDAzOTMwLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTI5b2I1ODJSLjMzMGJmZDM3ZTdiOTg0NzhkZDgxMWE3NTdjZjAzZjc3N2I3MmE2NTI3MjIyZjJkNzMyMThiYzIxOWZjNWMwMzYiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfOUx3T01JZHo3Z3ozRDBrYXZwTDIiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJuZXRfbnlwb3N0IiwibmV0d29ya19uYW1lIjoiTllQb3N0IiwibmV0d29ya19pbWFnZV9pZCI6Ik5ZUG9zdCIsIm5ldHdvcmtfY29sb3IiOiIjQ0MzMzMzIn0sInNwb3RfbmFtZSI6IiIsImRvbWFpbiI6IiIsInJvbGVzX251bWJlciI6MCwidGVtcF91c2VyIjpmYWxzZSwiZXhwIjoxNzI0NDI1OTMwLCJzdWIiOiJ1X3BJNnBQbnJLMXlvMyJ9.uvJSnqLNyWQjz6-72a5hNTFUVPjJYY8xN1NHDb3yaPs
.adnxs.com/ Name: uuid2
Value: 7860270711371651961
.casalemedia.com/ Name: CMPS
Value: 5282
.ex.co/ Name: exco-uid
Value: 2e3236302e393134
.casalemedia.com/ Name: CMID
Value: ZRb3XP6crRPKPLFr5.UKNQAA
.casalemedia.com/ Name: CMPRO
Value: 5282
.adtelligent.com/ Name: vmuid
Value: a2ca1699388480ce
.spotim.market/ Name: vmuid
Value: a2ca1699388480ce
.spotim.market/ Name: a323548
Value: 7860270711371651961
.adtelligent.com/ Name: a323546
Value: ZRb3XP6crRPKPLFr5.UKNQAA&5282
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
.turn.com/ Name: uid
Value: 3530635403919222325
.ads.stickyadstv.com/ Name: UID
Value: 8d41efbda86fcf4263ca29ff1d2dff
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZRb3XP6crRPKPLFr5-UKNQAAFKIAAAIB
.openx.net/ Name: i
Value: 21e88b3f-1d0e-468e-8baa-aa2138f5f3e8|1696003932
.adfarm1.adition.com/ Name: UserID1
Value: 7284281421854144659
.bidswitch.net/ Name: tuuid
Value: fd4f3157-5bce-4a81-a780-10757656c34e
.bidswitch.net/ Name: c
Value: 1696003932
.bidswitch.net/ Name: tuuid_lu
Value: 1696003932
.quantserve.com/ Name: mc
Value: 6516f75c-d3ab1-d0361-0f23f
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-12b490af-480f-4f24-bca2-d4d621dc4945-003%22%7D
.simpli.fi/ Name: suid
Value: B7D66492643D4D7DA9C652C79BA77048
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7860270711371651961&KRTB&23339-7860270711371651961
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3530635403919222325&KRTB&23150-3530635403919222325&KRTB&23527-3530635403919222325
.weborama.fr/ Name: AFFICHE_W
Value: iogzkfj@x7iK26
.ctnsnet.com/ Name: cid_7481a51034ee4561bc62abb9e7d7ec90
Value: 1
.adform.net/ Name: C
Value: 1
.adtelligent.com/ Name: a281178
Value: C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E
.fwmrm.net/ Name: _uid
Value: umv1b41_7284281978830276197
.doubleclick.net/ Name: IDE
Value: AHWqTUl5rnrm_52Gw8X3ClFBQcR2CEYeWp5fML8ruyG_CY-00uFEod-2eK2-1KKw8P4
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjQ2MzIwN7K0sBDiM9Q1rAgrdDfKtsxNcakCAKuXfKolAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlmYGBsaWxkaWAEAC98RE4QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjQ2MzIwN7K0sBDiM9Q1rAgrdDfKtsxNcakCAKuXfKolAAAA
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7284281421854144659&KRTB&23369-7284281421854144659
.de17a.com/ Name: guid
Value: 1.1200975841872454649
.adx.opera.com/ Name: UID
Value: OPU3b21b93bc5af4a11b196253722b18f5a
.company-target.com/ Name: tuuid
Value: 3e67b57d-b538-42e7-aa54-5b6961447a04
.company-target.com/ Name: tuuid_lu
Value: 1696003932|ix:0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZRb3XAAQzh9rdABV
.bumlam.com/ Name: suuid3
Value: IiRmMzIwNzU5YS01ZWUyLTExZWUtYjFkYS0wMDI1OTBjODI0Mzc*
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-9BZ7X6QUfwrvR3kIoBJnDfIQfFjvEyxb8UVCzh90&KRTB&19420-9BZ7X6QUfwrvR3kIoBJnDfIQfFjvEyxb8UVCzh90&KRTB&22979-9BZ7X6QUfwrvR3kIoBJnDfIQfFjvEyxb8UVCzh90&KRTB&23403-9BZ7X6QUfwrvR3kIoBJnDfIQfFjvEyxb8UVCzh90
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5134455421362072988
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1200975841872454649
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU3b21b93bc5af4a11b196253722b18f5a&KRTB&23485-OPU3b21b93bc5af4a11b196253722b18f5a&KRTB&23524-OPU3b21b93bc5af4a11b196253722b18f5a
.adsby.bidtheatre.com/ Name: __kuid
Value: ab145284-6c76-46b2-aed2-d49edbefa6f8.465217932
.bidr.io/ Name: bito
Value: AAGw_U7KLe8AABgaSRCwMg
.bidr.io/ Name: bitoIsSecure
Value: ok
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umv1b41_7284281978830239979
.ads.stickyadstv.com/ Name: MRM_UID
Value: umv1b41_7284281978830239979
.adform.net/ Name: uid
Value: 6257942833171685156
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELjlapJz6rrxx4ScRCirdOg&KRTB&23025-CAESELjlapJz6rrxx4ScRCirdOg&KRTB&23386-CAESELjlapJz6rrxx4ScRCirdOg
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEBIeW6FGADxPE1ioAP_y-yI
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAGw_U7KLe8AABgaSRCwMg
.yahoo.com/ Name: A3
Value: d=AQABBF33FmUCEK3Rher8Y1HBlxuGdPITC50FEgEBAQFIGGUgZQAAAAAA_eMAAA&S=AQAAApzpxZek76bQ30Kn-GQ1zGw
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6257942833171685156&KRTB&23263-6257942833171685156&KRTB&23481-6257942833171685156
.amazon-adsystem.com/ Name: ad-id
Value: A1kShcSJzUxMkfUNH1pVwNg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.audrte.com/ Name: arcki2
Value: d4glECmRcmNSEGNYSM6x4LYlQ!20220908!1696003933065!ip#185.213.155.151
.audrte.com/ Name: arcki2_pubmatic
Value: C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E!20220908!1696003933068
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-0wj3QphE2oMXTqMXH2tbWhRI5AVpjjKqwFlSuQvp~A
.smartadserver.com/ Name: pid
Value: 6971442829193981175
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAGw_U7KLe8AABgaSRCwMg
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e357ffec-92e5-51ec-7f30-decef67c3e75.Acq%2FL8Kjvtcc5X5JZi7nIfmIDsA5yDDJGqPAW5iGXSQ
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-e357ffec-92e5-51ec-7f30-decef67c3e75.Acq%2FL8Kjvtcc5X5JZi7nIfmIDsA5yDDJGqPAW5iGXSQ
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A41f_7JLlUex_MN7O9nw-dbnVm5c.QB%2BJNgxRGInnaXHEcIbAg6ulEwDEqRnBkMWZof%2Fd%2FhQ
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A41f_7JLlUex_MN7O9nw-dbnVm5c.QB%2BJNgxRGInnaXHEcIbAg6ulEwDEqRnBkMWZof%2Fd%2FhQ
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIE0ImPuLnJ2EeayDJK72IBWkiZpPPzDncqpbGPPiZv0gEHwYBCDd7tuoBjABOgRLGKL4QgRFoi5K.MChjXKEyxUDzt5BQdyHLUrc6eMKa7WxQlz0Er%2FnG%2Bgg
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIE0ImPuLnJ2EeayDJK72IBWkiZpPPzDncqpbGPPiZv0gEHwYBCDd7tuoBjABOgRLGKL4QgRFoi5K.MChjXKEyxUDzt5BQdyHLUrc6eMKa7WxQlz0Er%2FnG%2Bgg
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 26a1c1c3d98ee46f
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-41f_7JLlUex_MN7O9nw-dbnVm5c&KRTB&23334-41f_7JLlUex_MN7O9nw-dbnVm5c&KRTB&23417-41f_7JLlUex_MN7O9nw-dbnVm5c&KRTB&23426-41f_7JLlUex_MN7O9nw-dbnVm5c
.tribalfusion.com/ Name: ANON_ID
Value: aqnt6ZamMZaE8DXqwmMRTRgZagbZck8ZavmQaDX6UeMxZaEFvqbVUCYqTs7uUx6V0Cq79BdCsu5JLaJlNH3ZbUt0ZciH3UHZcL44x
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAGw_U7KLe8AABgaSRCwMg
.prebid.a-mo.net/ Name: __amc
Value: 1_1696003933_1696003933
.audrte.com/ Name: arcki2_ddp2
Value: d4glECmRcmNSEGNYSM6x4LYlQ!20220908!1696003933499
pbjs.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AE4hEqssKydLCUDu
.audrte.com/ Name: arcki2_adform
Value: 6257942833171685156!20220908!1696003933685
.pubmatic.com/ Name: DPSync3
Value: 1697155200%3A197_201_245_241_235_227_226_219
.pubmatic.com/ Name: SyncRTB3
Value: 1697155200%3A81_220_251_204_55_13_46_8_243_22_176_234_214_3_99_165_264_54_254_166_161_21_56_249_233_238_71_88%7C1698537600%3A203%7C1696550400%3A15_223_2%7C1697241600%3A35%7C1701129600%3A69%7C1696809600%3A63
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-12b490af-480f-4f24-bca2-d4d621dc4945-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.zeotap.com/ Name: zc
Value: 32b7898d-121f-4c79-4f7e-bfda3da020ea
.onaudience.com/ Name: done_redirects104
Value: 1
ads.playground.xyz/ Name: connect.sid
Value: s%3A8VQg7DhjkK8hPaVwlIJk8tIFciuIkJq-.6UcRE5Qbx2kJZvTFSqdI5daJu1MrkF88nOYqiK4KW4w
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1696025535308
.onaudience.com/ Name: done_redirects219
Value: 1
.onaudience.com/ Name: cookie
Value: 0aaca1aa10ee75d6
.semasio.net/ Name: SEUNCY
Value: 793089CCB9D0B10A
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-39puKE4JaggjgbggbannTVQU
.pubmatic.com/ Name: PugT
Value: 1696003934
.ex.co/ Name: exco-uids
Value: {"appnexus":{"UID":"7860270711371651961","Expire":"2024-09-28T16:12:12.390553375Z"},"freewheel":{"UID":"8d41efbda86fcf4263ca29ff1d2dff","Expire":"2024-09-28T16:12:12.861613412Z"},"ix":{"UID":"ZRb3XP6crRPKPLFr5.UKNQAA\u00265282","Expire":"2024-09-28T16:12:12.637711055Z"},"pubmatic":{"UID":"C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E","Expire":"2024-09-28T16:12:15.829209015Z"},"unruly":{"UID":"RX-12b490af-480f-4f24-bca2-d4d621dc4945-003","Expire":"2024-09-28T16:12:13.036319577Z"}}
.zeotap.com/ Name: zsc
Value: %F7%AA%DE6o%1C%D8he%A9%81%B4%D3%A4%3A%17%99%E5s%3C%9A%8F%F75%88%ABBh%CA%85S%AEXr95a%CB%27%0D%EE%B3lZ%02%11%83%9C%01%2A%E7%050w%FAXf%D3D%DBo%81%85%16%F4%00%2A_oB%AAZ%7D%BA83%0F%AFn%9B%A0_%AB%11%CA%F9es~%A3%19+%88%0A%DEz%99%0E%10%96C%C6%BB%15%DE%B3%AD%9F%2B%B3%29%06%3D%EE%15%CD%93%B5I%14Z%1E%05%81%A1.%E0%87%81%9C%EFa%7C%E6%0E%D0xM%AF%C5H%E7%F2%F1T%93r%AD%9E%E8g%A9a0m%B2c%B9%BF%99%60%82jZJA%FDl%EA+%21%AD%16%F5K%EB%C5
.quantserve.com/ Name: d
Value: EOQBEgGIKvijDqqLMA
.tapad.com/ Name: TapAd_TS
Value: 1696003936797
.tapad.com/ Name: TapAd_DID
Value: 9cddcaa5-9efa-49cc-a7f4-9e8c65acfe47
.demdex.net/ Name: demdex
Value: 25286724204748010433476786795033725090
.analytics.yahoo.com/ Name: IDSYNC
Value: 19ah~2e74
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.agkn.com/ Name: ab
Value: 0001%3AorPAiUkVNwCndWfWfs5LTjT%2BNBMMI0yV
.dpm.demdex.net/ Name: dpm
Value: 25286724204748010433476786795033725090
.krxd.net/ Name: _kuid_
Value: P00avifo
nypost.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
nypost.com/ Name: _lr_retry_request
Value: true
nypost.com/ Name: _lr_env_src_ats
Value: false
nypost.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-09-29T16%3A12%3A17%22%7D
.pubmatic.com/ Name: SPugT
Value: 1696003935
.adnxs.com/ Name: icu
Value: ChgI7d40EAoYASABKAEw4e7bqAY4AUABSAEQ4e7bqAYYAA..
.as.ck-ie.com/ Name: CID
Value: 0f83cf452eab8a22fbdb7fda039eebce2422e530
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWFydHlhZHMiOnsidWlkIjoiZmJkMWU4MGJkYjk2OGQzYjg0YzQ3Yjc3NzdmN2Q0NjEwZTI2ZjdhMzU4ZDVhYmFkNDY4NWZkOWFhYzJhM2IxMyIsImV4cGlyZXMiOiIyMDIzLTEwLTEzVDE4OjEyOjE4LjAxNzA2MTQ0MiswMjowMCJ9fSwiYmRheSI6IjIwMjMtMDktMjlUMTg6MTI6MTguMDE3MDYwOTg4KzAyOjAwIn0=

14 Console Messages

Source Level URL
Text
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C10936D6-FC63-4A1D-9E94-3DF45F2F6F0E&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Message:
Failed to load resource: the server responded with a status of 504 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=32b7898d-121f-4c79-4f7e-bfda3da020ea&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=eacd8d35-50d2-4b8e-5249-48e8fddcd750&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://tags.bluekai.com/site/87734?id=32b7898d-121f-4c79-4f7e-bfda3da020ea&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=32b7898d-121f-4c79-4f7e-bfda3da020ea&reqId=001254a7-368e-40ac-53bf-877839c237c8&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13963
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 498)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript warning URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Message:
The resource https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://nypost.com/2023/09/28/russian-oligarch-rented-out-landmark-nyc-mansion-days-before-getting-hit-by-us-sanctions-sources/?utm_campaign=Illicit%20Edge%20Daily&utm_medium=email&_hsmi=276331523&_hsenc=p2ANqtz-92MYCN45k2Fey_LQaaKQcchXUtI249lUjUoPz7Ee0oAqV9vNadnul_D0W_vag5eraFrdk67rzZc7yagwIEIkJLKWpmYA&utm_content=276331523&utm_source=hs_email
Message:
The resource https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.ad.gt
a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adx.adform.net
adxbid.info
ap.lijit.com
api-2-0.spot.im
api.btloader.com
api.rlcdn.com
as.ck-ie.com
assets-jpcust.jwpsrv.com
assets.a-mo.net
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bn01.er.bemail.it
btloader.com
btlr.sharethrough.com
c.aaxads.com
c.amazon-adsystem.com
c1.adform.net
cdn.cookielaw.org
cdn.deepintent.com
cdn.ex.co
cdn.flipboard.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jwplayer.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
collector.ex.co
config.aps.amazon-adsystem.com
core.iprom.net
cr.frontend.weborama.fr
creatives.sascdn.com
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
direct-events-collector.spot.im
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.channelexco.com
eb2.3lift.com
eus.rubiconproject.com
exchange.postrelease.com
fastlane.rubiconproject.com
fonts.gstatic.com
geolocation.onetrust.com
ghb.adtelligent.com
ghb.spotim.market
ghb1.adtelligent.com
go1.aniview.com
googleads.g.doubleclick.net
gpv.ex.co
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs-simple.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.spot.im
imasdk.googleapis.com
info.illicitedge.com
ipac.ctnsnet.com
js-sec.indexww.com
large-img.ex.co
launcher.spot.im
lb.eu-1-id5-sync.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
mcd-playlist.ex.co
mwzeom.zeotap.com
nid.nypost.com
nypost-com.videoplayerhub.com
nypost.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
open-api.spot.im
p.channelexco.com
p.flourstech.com
p.medocdn.com
p.rfihub.com
p.typekit.net
pagead2.googlesyndication.com
pbcs.nypost.com
pbjs.e-planning.net
pix.spot.im
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
player.adtelligent.com
player.aniview.com
player.ex.co
player.spotim.market
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
publisher-assets.spot.im
pubmatic-match.dotomi.com
rebelhen.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.openx.net
rumcdn.geoedge.be
s-13.channelexco.com
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
sac.nypost.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-cdn.spot.im
static.adsafeprotected.com
static.criteo.net
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.adtelligent.com
sync.bumlam.com
sync.crwdcntrl.net
sync.ex.co
sync.richaudience.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.adx.opera.com
tags.bluekai.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
track1.aniview.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
use.typekit.net
user-sync.adxpremium.services
usermatch.krxd.net
vid.vidoomy.com
vop.sundaysky.com
vpaid.vidoomy.com
warp.media.net
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www9.smartadserver.com
x.bidswitch.net
zephr-v4.nypost.com
cm-supply-web.gammaplatform.com
csi.gstatic.com
sync.richaudience.com
sync.tidaltv.com
104.18.24.18
104.18.26.193
107.20.23.69
108.138.36.46
108.138.7.19
108.138.7.85
108.156.60.10
108.59.7.241
13.225.78.6
130.211.16.136
130.211.23.194
134.122.57.34
141.94.170.64
141.94.171.212
141.94.240.141
142.250.186.102
142.250.186.130
143.204.98.114
145.40.97.66
151.1.205.165
151.101.194.132
151.101.194.49
162.19.138.116
162.19.138.119
169.197.150.7
178.250.7.11
18.173.154.9
18.173.187.64
18.173.191.32
18.185.4.235
18.203.183.215
18.238.243.114
184.30.211.26
184.30.22.30
185.106.140.18
185.15.245.82
185.184.8.90
185.239.172.77
185.255.84.151
185.64.189.112
185.64.190.78
185.64.191.210
185.86.138.121
185.86.139.93
185.86.139.96
185.89.210.46
185.89.211.12
192.0.66.32
192.0.76.3
193.0.160.130
193.3.178.3
195.5.165.20
198.47.127.20
198.47.127.205
2.16.238.158
2.23.197.190
208.93.169.131
209.192.201.180
213.155.156.184
216.52.2.39
216.58.206.34
23.19.226.131
23.201.255.110
23.212.88.20
23.32.184.192
23.53.42.130
23.88.86.2
2600:1901:0:7416::1
2600:1f18:6593:f608:5e19:3c56:880a:7270
2600:9000:20ab:1200:e:5a70:ca40:93a1
2600:9000:20c3:2000:1:a3fa:7cc0:93a1
2600:9000:21f3:b000:8:48e:53c0:93a1
2600:9000:262b:fa00:13:af59:7380:93a1
2600:9000:26db:fa00:4:b37b:9440:93a1
2602:803:c003:200::43
2606:2c40::c73c:67e4
2606:4700:10::6816:36e8
2606:4700:10::6816:545
2606:4700:10::ac43:246e
2606:4700:10::ac43:266a
2606:4700:10::ac43:db6
2606:4700:20::681a:78b
2606:4700:20::681a:832
2606:4700:20::ac43:4513
2606:4700:4400::ac40:9b77
2606:4700::6812:18ad
2606:4700::6812:83ec
2606:4700::6813:9e13
2606:4700:e2::ac40:8a23
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2003
2a00:1450:4001:806::2008
2a00:1450:4001:806::200a
2a00:1450:4001:809::2006
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a02:2638:3::7
2a02:2638:d::2
2a02:2638:d::d
2a02:26f0:480:e::210:f10a
2a02:26f0:7100:9b8::2c79
2a02:26f0:7100::1720:ef1a
2a02:26f0:7100::1720:ef23
2a02:6ea0:c700::10
2a02:6ea0:c700::18
2a02:fa8:8806:13::1370
2a02:fa8:8806:13::1460
2a04:4e42:400::300
2a04:4e42:600::626
2a05:d018:d29:3605:cdf9:6ebb:c08d:dd
2a0c:5c87:5239::2
2a0c:5c87:5241::2
3.210.64.86
3.69.181.181
3.71.149.231
3.89.18.112
31.172.81.159
34.102.163.6
34.102.253.54
34.110.220.19
34.111.113.62
34.111.129.221
34.111.131.239
34.120.133.55
34.120.63.153
34.160.236.64
34.231.224.57
34.241.182.209
34.254.143.3
34.36.206.170
34.91.62.186
34.96.71.22
35.186.193.173
35.186.253.211
35.214.145.249
35.244.159.8
35.71.131.137
37.157.3.20
37.157.5.84
44.206.181.145
44.218.84.96
44.219.93.175
45.133.44.3
45.133.44.4
46.228.164.11
46.228.174.115
46.228.174.117
51.89.9.253
52.16.240.14
52.18.182.246
52.208.155.163
52.222.174.111
52.46.130.91
52.51.213.166
52.58.77.4
52.59.55.175
54.154.110.236
54.159.101.13
54.197.82.124
54.217.141.48
54.77.82.203
63.251.232.165
67.220.226.233
69.173.144.137
69.173.144.139
69.173.144.165
76.223.111.18
77.243.51.122
8.2.110.113
82.145.213.8
85.114.159.118
98.98.134.241
99.84.87.107
01b7e314743f8a5c5ce3167eff99cacd2a4cc0719a2333ab9060cde899c26004
030531146db3fd4d90ad1744a8cfb6c95b68b4f5edf7c0f2c39471d5828d95fd
04fd2eb2bc507768f6108f6ddf341a2debeff3a415b41dd6f35d1fd6654745c3
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0661ebcdc864598ea7c0f4811aa08de5f2feaf045e2b9ec9c2aae351a47a52d7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07ad1a974c4743ab62ae8ea5c6f87c8ac1d7a5c2f56428a0b428bf7d709dc9ea
07c21d52204f6df0f2295eac770281a8f9c0eeb50f00a45dec9e35c9cabd6df4
0926141b446eaacbb79f08a953b7b0a3c7ec73bdd5089af412f4a043944db6fc
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
094e34495daeac2cdad47cf80071d73ddd79df53f398481670149a12a5557f19
0a6258537b45f91ef20d72cd65e83df695a017bdbaa1adcc6be5754e2e1b4743
0acc4587ac96b58cf4b13f1fb52bbf29f6b15555aa3d52d14ccd7966d226f5f5
0b011287ef7279aea91e4d1c33a9636e1ddd80951c493859b00a43150e5ca95b
0c04ba6a26cf1696dc854f4c78e3fceec5dc0d563d40e0be41a756015efc576d
0c66fcbd005b49322f31177cd407cb74dbcca28d8dd197efc3aa2e754e724450
0c79040fb0175520636a0f21dfefe3944afb7b355b5c2851b3228ef8def9dd86
0cc5068304cfb22bbddb5a9800f7c59d843824381ad7183f89291ae41a6d09b8
0e97d52a6226cb2c5eb448d4007f35ce6382a32089ed7d25452b16713665c93f
0f0402599dfd7798a105e379ac33c7c4d2060999ea54a7bf81f18589d4e2539e
1023d364c505b4fb36d0e10eb058b943c397980fb2b54bc1b20beb18625ca5d7
1047020444e0f9d5830f2d569440909a6aaf61ef5b6db572bc3b9987f4b4f741
117293b70053c137f012c953143cc66d98caf89dadc5847d7a60360f0a350af3
13999a8611659365a88f9dd85c252af76e7f72b032ccc0fed703910b796e4776
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
152588670e321c471ade3b64c472922c0baaf6f96297cfb285be886b7770c503
1574ec82e9639e92b14f9f29da076c74b16d9461a746192bd9428b7aa1254ec2
15a9f49cc3a39df9a27bdaa93d86169a965bb6fb33657ead545c60213e72805a
15ea084e1d3886d7df928e78e2b7208fc23ac4b363352824e0916acbb0aaea22
16f8bdd2860508e659018ba2e7bc7852430cb38f3fb8a5f569b5cac2c69aa464
17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
199e4835af79f304e97b71d6bd8c6e970c7d03c607f8b2cec52cc93ae73b5ab4
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cae1c37d59e19b1d0e1478225eb6330a3411aa8513507d68fc9c99ffdb29122
1d5efa1877ba09128cd3c07a1c9e9e0b2f7579817311cfd00b01a835d32634a4
1d7b1d575d6a20ad03467ec7580f7a4923c8e64e0922cb9a79cdb1655624ceb4
1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
1e46342c0be92982579a97285a650bb33f8cec310189760e860564b45b42ba1e
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
2046beec32566b904b4f546fb3ce9e594af6a83e54bcaf1d8796a262815d28bf
20b7efe8486155db01ea1304479465917360eb8fec4092f7592b5eabc9b24d53
22cd820b748bdabf96448ca563642ddc782ba91756d5428113a23392839752ef
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
2420f6bca82d9c7c0d80560de948b880b2280b54e716cf44631b575e06b3bfd3
262fbcc7922dfabfbb72c1c366ae208230efbed08f7fc16988db51650c1e01ba
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ddfdbe820acf73e9b01c2a6f912ecd7de131d9e9e82efd748d61b2b84beab42
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30563cc285f3e9c8979922a21301d0b42ab7a1b3bdd3a07af7d1c79839e5b2ae
3060211fa73da094eecf50b187d55b708d6b351d2d35689fa23d5692d2617e6a
3229d1b3a2ceaf5cd78e728fef972048e012430d2bd31b69eddbb48d70b66dd4
325210cb9291770a99915cd990dfcabdb88b6d861fc0b14a11c475a62953d2d0
32ad2ce0b3c149e8e9e90671f4dda953c5cb04a744e4bb83c35e3e8c10fc3173
32c650890e99047bc6cd795d59b958a70489d924d0848d452cee047d4c7b5918
34083d38321ab24de28bae2d4fa8083e9a147a44e10d0f7b2921c7d72a2dbaab
349df22cb172fd371a26edd8d44c67c95482024430cef8b4c670bf1611931c38
35309de8df4deca742ecbc655a788096cefbca681ab6b2ddc7c34745281d2f8c
35885abf1497c8fff53e54036b502e3557d612c32f902891e36c587c7b353b66
362cb3ee451098e7663093e3dc502c715c2c942c5e026387806197a9a815bc35
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3718964d6f6f2a20648f65c484cc413d0e7bbcbe4b535f1bc758c0de38ffc58e
3749cc39c040db386f013152979e32029979e464447878c87a9a54b239577b65
3754dbfeb713284ee6f058a608abd3f00206ea605031f87dbeffbfd60845e41a
37619e5369a3825b83c19196aa81cbe8e25a28ffad018fd9667af11c6b4838ca
37abef88a91af49d4c28175753243e01c7c6bc5366e643432a21615799c7f8a6
3ae502bfe86929d2c34ca94df37c8948e285bfc69de4518de65fec09099dd509
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
3d799b8d6ab02987525e8b6762b44750c198a6f6a3f9e7753473ddef8094c83e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e396451bc8495d2e49e2d63733551e31b888d3b944b9f5eb8516917edfd0040
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f451e672a850645dcf5d37357e5539a5f1a9e7706bd7e56bf54c86e259abc4f
3f56473141577d2b87c23d340192177edda4e2e5860257152f9814e143d5d82d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
411c8ac2a8c4eb17f5f1d0d9419a21235a8dbb20b4fcd49d8dde46ed9178298d
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3
428a6cf014b6a7062eb5655f3309bbd434b2e40ac5f33502b73072d2cbab03e2
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43323a5ceab22123c3d6180b3fe94101c256800a68bd0dad25f0a1233a647c4a
43414abf66f6cad9a445349ac63d11bc30ccb777f3e90778871d2cf04c02b347
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
451ce2bcc056a9985c7d83a91689076e08450f9f5375b3f35ee6a6ff454eb6a7
454b42f206d367d7be8f0b3f978ab7f28196f94e97fbade32ce8f377810e6faa
47267395fc8cdbe309dd372de472394a0c352a4fc57d12633980ded225de29a1
4808c8e8e2350265366b6e9b590043f18be423649ffdfaaa4a87c4edc2961d5b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a81c3dc7fb18f31d65764a0a84a91bb66d3566ae5795aa1e094f709ada5de69
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4d098860773d68c5d80ac5f428b3c1d0ed991cb1f89964c20d059cb645aa4494
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1dd78ad69fc4a0df1f0edb67f6c10bcbf16057588c2b6f7535930e967ef742
4f32d102a1a3f45bac46140601a6f5d47e1a3e9711cbdc9f942e751f3354f2a6
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
508b39171159eeb71a492570d41c7ac37ed69a392ed59d2969492b108f764aea
510bad5273617bc2a9e70742b2228b4164f3e48623822da557d1ef9102b81eb1
51891be505532105e0fb1145eef010298a09076dca074818c22bec7a0cde55bd
5202763d90c21f7302a1e54799ba58b53c0d6a5c2551b75a239463349c0df237
52a6c0dc3a72a1f3b7202d7f33fdb147db367ce8b44f86e791814a9f079a5735
52d64ac0b3a8d9ec1681de0786d3dd06ef7b5d8cf245d77ec97411d72bcdfa86
538be4d0f583d206b41eaf40ba202b642d3b7bca07ad734c834ef7ad8d13a700
54333c7be622a36ac4fb92c7f364a37a5f9ef971995734c7da29c6ec387e762c
54884e22a5a776b6c7eb41ae0e119b2ac1d2ba8765b063811b485dea1b8de946
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
555cd03ff6898614166494825516fbaf15aadfb16f88611778b580257d120a24
557dd5d6af85b5639c20b92b58670a12f90b7d07a6f1277464fd05502e8b419b
55dd4ba6e098e26dac8be59dda435f7844345767358dacfcb0a00a40c2a99824
5662149034f5fd127ca3fac155c369590a333672567f6d75983f58984d0b7d7b
569570d532fa6c2737ee3dccac947e9f02fbb9dde932e4f704d7ba37ca0fc7f1
5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527
581350c52977fc73b35adfe430481ba2f100ed9177c6d3d2256243f52e0a5c16
5854a2500a0a201e00c9f934d676953f91d9c630e6e7bf9e8aee70c8a4322967
58e3464db0990e0889c901510ef5cbfc7328050ffd0837138e9cb0c61530845a
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5bcede6c5d5aecc628e38729f2e1d81cd40d8512f71cdff84a1a0305d8402422
5bd3fcac620ef1b86850c77ac1fc5fcc02fe744cc5ac5f999421cf03f4127a75
5bdab34047746aa7d1f317d2a47cc795d7207c3b14933fd5d76bae623634af6c
5ce458c194c779bda4f688e53a08b27ef39840fdc98b99a2828a6eb286f47c6d
5d6f2cecf904b1b45caa6561439a7f26cd547a36c611227f71b18b1b37139585
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
5fd4069dcaa7ea847aab3c8e49f359986f01d15bcc70ca0a2cc93ebd9ab8bf29
60d56ed4cc823762dbad40b479e1104c44c3fc0372a48e2d2aefe54894e3f376
60ef4cc14c7ddf4064f13e86655ef0186713e3eb6aeba049195017225d9733df
617bf1c27e03853ae5fa288ae5361889fc49736672164dbfd2007a2dcb8be86b
619699049d02f5501385b38248e291a16ccd4a43479a77f5e685a70d9a98f93b
61b02317144b41f42e977342d66662dcc88a5e58590cd55022a693fe79fe439f
61be8120bde3bc16b93aaf499bc340bdf7004e06470265496d9440d1fe13e1df
61cfed754c3b86c633e0e69daef2962f40f426d4fe8bda08164fd7ab608f0e0b
629a22508d3d195c140d19788df0b9d8920bf3c65edf7ee74a4f86ccb58ba28f
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
640048af1af0b618e31f514121b02daccf0517a11051eeedea0f913563685c1d
6463c8e174a08f3907b434ef8238751148ca234503f341f917ae83306ace82ba
65c87f9d5c30c6601a4b9fc762d8eb32d0a71e98a8cdcd8067d455a666ad0105
66499ddf1a34f67f53c5a31abc9e866f7c54a64a8cda4199a9d6bd1f2b1df51d
683245d5f3f9976ce066aa5d899f8c533bec2ab49b9a848f1d19825c0b791566
68d915d90152855140b5fda03f779e6d2795a8913b86ae33e9eb54d3e8869057
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285
6a3249280067c7ad550fce97c84e4bd3a0c019dbabd1bf073e514d8b3e1ec3c7
6ceca202d09a5ef57f3134fe038d485e08ce70371bffadd01e88a43b880fb29b
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6f8b2b91c0a7c18a0eafd67bcaa80fdb350695ecc4d866f71728c74a8f886598
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
7099199a2d87ee106ac4fb259435e59082d7f31fb4358cff07343bbfbdb968e1
70cb36e1705100380461ae92749d1b7838286c8fd15d2773d2232695c4b5d070
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
735fa4096e489f911f7a495f251f61c17a69c021622c5b904b9742be95be9f90
73d3b0665c9ba0323fbadb5cd70a07ec2fdd1a7b2e550709a93c2a51027cfa15
7446608f783007b998f8bcf178c044468516c3c5b178a87c40378218ccefccd4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7475ed67c86cbb577d1e88c08770cecc181cda9c652256f1ab74e85a51ee1ba5
76b49afa7f39794275144ef77b86fea1fe3a4557fb21b15027eb2407ca72825a
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
771676df0a22e07f73f7710292ec29b573ac81f5c107ae4d3527071d98343fd9
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
785d2a3b79de241b223b69b3c0f95804da264cdf50c0074d0566e89bf11dfde7
7952eaa38ac914b05f3aae43d16dd68f18c72a482c59374589ba03b0afd77a3f
79ec26d976a565d845f737ebfc3ad42dddc72c4e9e50b6648604c1c4e8c02df8
7a0e8cb59a8b9b723a2e298c769bcea0631bd75c7442e21702deed1d6c2813c8
7a363b5a341b6b643adc19efca2b2ba4f8199e84b0e946ba1427b8688fc734d7
7b32785db8941f4503dfeb24b076e81c895483ae097c2354e058101d5282cae5
7c54799c176b73db64171672c674a450d4fc6bda4facd1f4d5c5484f9d461402
7c69be9ed282fddb55f79b28a2a2816b9116a4357ac84e4c34591005c538233a
7cc16a477c1a90bfd29f57eb3a725e7f3ad44be936b0d800a9045ec0857f67eb
7d45078a116638574e085806e50bed6d3c6976b816ba3031a3b427615eb5992f
7d5a3924c6546efea587495ce9f84a87a8ed023b78d6a0fef51820cc345df574
7f34c8e47b276629a716cea9d7e2555f948db14bd4d250c5b0af3b1092697a65
808b9d4b153f7de407f828ce0fff1eedae8107f030d49eab4b511e1453b17402
8093a2db3f00b3ba1c209a38f4a80d50d55605caecea0d68582f6d6e6bab1917
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
8163e7149db361ed14b7555bca382bdd8f5d1c6ee6d33f9434a83c2f0420cff2
819dcb4ae19b3c27e3374d9fa37ed58caaaaf3b897a9d80bf4046f3765da89f0
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8365b122b9687e93abba4b7c0e296b244a803044a5c02c3618be1cbb489b3d31
8380835944c57e7b27710d30e02cc3e60f942c3fa12e5b5e7b5ac5c39e4e10db
83c3b0cd425750525a180e93326fcd9d74f41597088f5957fe1d96d93ceb5f9c
847efd8452d7e9d77b47b0a9c9f871dbcac82f17e8a836197e7f34d950679ec4
848f638037a791cabe1eacb08f796ac2eb5b0fb1ac3c1cbbe497acc29c55b85f
85f08844af333b57ba0296fcc5ac9a68d7367a2a4bde4d6677d82e952b75ee3f
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
87171d091d307d077266964e43251dbffd6d69c3fa0775e26481e08d31c949d6
8881b6734eaa1ef2330b7ba22a9edf08afe8d4fe3bec5ba8edb3d90eedb888d6
889403529893a9441dc4cf99ec62839a7858af5c530792251f4f55bfeed005e0
89f2d4e6c7a6c41c13c2e7a75e526aa60b9d5274fe28b2d82801c6beb6beb879
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a02bd84c6ebda2ceeed45b34a3789a6d45755625f9462b9ee9d2b97e1bd6d5a
8ad038f5403f413b0adcc88d0382d346bc39d5780e4e8573b77579e9b33e1c54
8b280cefef6fb0b9a2afd13379325c5a97441571c0756a17b461238973aa2242
8bd5fd8845a565e4fa72bc926b9921bdbcf2312bd65b770e6492f198272804b9
8be1a178a674283ec672a2a519eb1fac0a7b8b019d6e2a4d4e12c012ca891c21
8c0213c4f526687c16252ed26da8cb566163eb424d5aebe26d92d31635928550
8c228f1f2dd8352fd25d03f26e26e0048593ea2af30ed2026fba25b25c274cc3
8d5d2d99b0a4a119eab3e2cff06305d66bebcd6b39eec5780b08a709c7a95993
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e6fc5d83f5b9f3885aca956fc4ea1198e0c42eb9ddb86a8edeceee89a839f55
911efbd02dbc4ba7e63d84fb4fb4a364200be85ceba1d8c05703853f875acc35
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
93cd827c07e1855b3c7f743bcb6036070724b44147d25573b7b99c0dd257c4d4
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
95dbebd05e181e670882efc87e7acdb11e09db4d3d4d95b518ef755af3df045c
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d8c1199a6b9cc2704321101b789ac19ff203961d9ff1668ee04d4d9224d9c1
9909ab1183fbe48533f5da95eee6df77e9f896db26be44322d78b85fcd76ee39
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a3669f459d0fbe742abd7ad5fca4221c9690e10119d1ee9e780c3c8cdb9f929
9b5482933146ef854dc6abdb4fe947ff1479d8e79f27d486bb9803bae120dae7
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
9cd17af00b58e83bcf70fa97448e21bc6def92af0c00dfa7349aeb3200c40b8a
9d4e281396b31c49f11066c0b5b6b4df80952f7d9cbe8debd41777e06ddab070
9dd7f3509b0c04a53f7a60edd65fd4dafd9c5c8723ba3296de33dacb56e21ff2
9e03f81e6ffc2bb0741a9e6db3dc37973da9082de612bcc8c3a9dc3c72908264
9ed96d3023e9f7b4ec4992578c70790583f41d3dbcca81f6e3f6d73a4889ab84
9eff412c1198930f1d219490894e17733ccd8b992e9ddb7546971f783c00431e
9f449541930dc8900ab0217a894713d3ec86f5b3383663b3f618a939963c6ae1
9f7a3afc9a87ae989f240547a43d8764dab6287b450f0cb97f9fa4bd738efa29
9fa030bd8c5330c2e8e981e3449f052b5bdf950bf9bd955d93e0c02518805ca8
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a2a699dcc9180e1dae09fd2eb7cf3ccf622aee47b8f7e8e0b85472715141728f
a452abd2e89e6b395ae78fb469f4c16387a37f725c91911f6ed7e028ad3b8265
a610a6a0c31cde4c57235319e2d87775c6edce8a7f34481da6b4566bb7c07501
a6f8385a32456868e5011ef7af0cd073451d45efa2771adc8a6a22374ddcb9d7
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a86707f70496ec86f0f21890114c2d01106442c2f4c800a824eeb1c1abe127b4
a8afcbd9e92c09144d53bccea66284b3a2f856a41ce5b89c9f389118803c6308
a8b23a89b139fd8729b35c9d1e815aaafc64c50183b7f6ab8e96b852ccc3f0e3
a900ba6c4d5bd7d1cebe46aa1421a8812904060fc9f62f41420bcd7bd4b2e684
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa147177214c6abaf4f71ecf914f3f15cf7dc924432d01023a6a19fc54ee9eed
aa75fa22ae72c1b4edfbca3f4e9c8f3b57244c5674346e5301af41125b389b57
ac018d5d233d03ec7c73ba5688651fab1ca5f86edc83c1232a9af74566e43916
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad5f11dd00d48d6058bb7ab44edeb643ccb1c0ad2fc53703f3e898ef0229b681
aed2024c0b547dfcf4693718aa6b73058c09bbc2ffb4608033cb1c5cffd2ac19
affe42e5878cb6a6d888d239d3a3f211f395539eba2813a8bba74593dcc50107
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b0b26fb8e1318f612e7bc978307f18fc79b93bc58e8b7311eed80de7b21e45ac
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b151aa3d07143e0caf0150faf6eeb78f9869493f8eedb7ae5ad677194b5c39b4
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26
b2137a0531aee2feb41bf3fd77785e95ca5190031f363916bfc03e403c4b0776
b2584054d5b357bc1438d0f79e78154074c3c154f147fdac82c39b1a42a06820
b44411181077cce0f861119a06b55fdb17d4df85ddf5da67be9710bdbfef9dbd
b4d13db2de7ca2cfbdb0898a8d4f2b681438d63b6d037ab050ef3599773056f6
b5f3bbe93348fab76879e3ab81573722f59275cac4ea155a61cc1c23d8e12491
b7440e8b439114bd810cc553e4770cf1ee02cbe18a341308fa8a061f8a603379
b758a777aceb46ebbd79d05ec54618696182e0b29dd7dc679e0403f085cbcd4e
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b83591168c9409a07836e90c01b8a61c454007945c1e46dbcdc19a7d4e1b40c3
b83f486ed0ec7d4240039724bca54ece8d33e01032819cf924a98845f8a4e65d
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
ba0e4777ade6e76d319d95ffe9cf484ea240834e319431ff6b0a2a09bd2e3107
ba658a8a1ab304bb96e44762d5ac24306415cae45145d34f68e51d97fcc77aa1
badbcf045249cc5d9eab597c09eac8e1e4cac6d32f71d0b73213411bec24040e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb48b269b79ac59ddbea2dee0a765a3bc0a288407d3b4eb29dcc5d033e5644cd
bbf903684c94e204498e6645da2359da42517d09a3d9c330f43e9c66fa58b5b7
bcba14483ebee674102e1eb122afe16ad7270bac8b9045e1dab96258f9469ae5
bdfd00f7b41a504579b6f10fe781557c69bb449f1d924aecfd6467d878892106
be475e761c185d573a25060b95bc94860ef67454dc13e9ddd0a37c91b357f847
bea78c373ea76ea89c8ec1a21b6989b051fa55ac737af65b7ee0bae59eac9e30
bf03af9c9bb375ce984d3951643b9a63be794e2f92760c6441306ae48f55b31d
bf7f8065f196b423f3bbd525dbc636b7c8487d3ed590e5e43afff309fdeec281
c139b7389c2e6953ef9d36218be7172678df1f3f05e70b3b93744d82434651f8
c15f28756313e50427733ebbc02860ac2e96e0fb5ee6ebdcfbd55c8e8cfd3e23
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c4113ebc97841fdd4d6079742098c029077897bc029ae5e724a293fc1053a88c
c46f47251a8cedcc92264f0ba3ab8eb34f512b76d477e402cbe79a4472b06ee7
c63ce08d76a8c6731e671fba9f1766751997b35a2e3914fc6238ae12dd808ecd
c67b2c5a246898ee41fbb13a7aa993bd4f1f446248e10afdc609a3d2462ceacb
c6e243d760551a3a2e65cc602b46589d33714df21c083bd9948b631c1cf9450f
c8303d94c22f8d08a2bbf554557afbb554161aa594d248b2c77286b1d3c98252
c86554a8933a7bdf79a3d3ec72511c6091be0487cfef52a044214d68697dcff5
c9cef747eb759ceb172aaaba4857e1f3a31c5894e7448dd79818ef717ec94bd2
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cae0864882dadea255539e23f6438d8b792933903e9b4e2771eb85e0b37d7145
cc99a7c3d00df09293cb18360d00c7e19c72bfd8f97a2293b4081c9da3cc88dd
cca47157e9a8c7fbe937ab8f34c9b60f2667de15d32251d7318bfb5291d60419
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
cd19cc5fc19a2b0bcf831d5455f7ce926bb88535cd47410696935df2865c669f
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d49584dcaa26f57619b1b8889b19f06de1f405727a24d1ff0014ee90c23cfce4
d49d25a875c1d1762e5ef7b96b771c64139c0aef85ce501c421e501242e1f98b
d566cecb92cdd81c0bd52584787e6db3a51d74b6ea36acfcf073fca8be88dbc9
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d851b822de46bf5127bf5911015991e78e5b45cd26e1ab578efa84b9487d67e4
d9234d546d7fb5bf401aeca3c9678094ada764ea670289e465866b075b79d2a5
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
dc29b5873f4103d961b4ce1ead0d695cd22a496e90d66613e570247f4629cc9b
dd5f99b359e7415612cfdb97fb432b570af813d582919d6cea3692bdcb7e5d0a
de67ae51bc8d62963652060c12aa77245a10d5393eabd1642ae620dcb6884da7
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
dfd11981d1f9dcfabd4e0a4c64673acbe48d518b9914c12b02e73b91c4fe2a88
dfe1a8e26b2006da1bbc11ec4650f2f531960cb07cc54c6c370a4190c1fb2608
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e32de62a47c98905b080b0e8ef3230ae8bfe758c77840282aee65c492c23ddcf
e38eb3d2b538a6720761004893b118f40723de23a3c57df68b50d5037c50c8f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b216eb91f29834ac3ccb069f360adaee3a6fda00dba7f9fb69359e21450c4d
e4b96c86bb64d2324ce169c3da60d77c897f2afe47fa535f0d95affaf40e7ce9
e58f4e8af1e3f8783b6acbf98bd26b1561d5b64517a738b9ba361cbbe3648801
e66a68b3981921066be641298688cbd8c9fe45ae59bab0fc3f6ce54b77c8f589
e7e43dd04a274a58748ea704967748907767444d6a04c9abfe7fc84b1aabec9b
e9038ae8847be7afea9d5221156754ace8843990d3e04c0cdc5a29ad5f1eab92
e948eb7fd66f63fa94dee8b077495ba1c4053573182d8aebf90aa1db18d95245
eb203a611731d8010627ec1a4e29e3dc8c7cae3973c99d09d5b797898f26eda1
ec49b01303a027cc738f7c0250de452c54b0b0b519362a3beecc90024402b10b
ecb21ebdf48e900b241c017a3a5991c54f291038c4b71ae9c65ceadc0a0c6e7e
ee44adfff51a9defed563faa1fbc8eb8f5d5e8aa565b0ca41e1d99b98d99cf77
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f039e32c9e62cd2acc5bf02dec7282686e6f41be6b01bfa249f9590cda747cba
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f2b932f629c676a2dcacb9f189d8506004aae6ff09167b109ed6bf6d56cf4d89
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3678aab0b3567729e07aeb488a538c7417e763aff7967d1cb60b47ecc23dc7f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4471f5df0b83a3428698a951af7a8c8c26ae4f072ad4a8ad3c1416b6599c964
f7395a030866ce15ef2f1f921c554dd200435db20a71b07f0c9d78f75d512723
f778755a7b055395a3fc786454b649f00a929c56c4415a2375cce4ae6f1b1dc0
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
f9d97d0a58afe2fa3caf17f94611826ef4b3c9cc88beef6c7fa916f0949467ed
fa34a2e5ec9044ed1dc5bf38ec8144a0dcdf4abf25476015a0c4f3b36fa55d01
fa6fd75aabfffb13754734b9ce1320f958557c46217a73c333222b74c85e9595
fa7791fec913342ea73faacc4e2b72f72e264b8d305946ddd559384bf4d124a1
fb349d715fda61d42d1f621bdcfaa1d5e17a79abda601efdcc9a91bdff1cd527
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fc1cb3c1abed6cf3e265facd1e539be166a255907e6d21cfedaa9b901d1d1d20
fc4738a002c01eebc4e8a02b9483688c8c450f27f017d41be18073c199b73261
fda07832cf52e1ed900551b9b261264ca518659bb082558168a96a70daca257e
fe944b5d716034a8578b77b7f2a66c4969902cc4c9d75e805d4119d2b83ee60d
ff0620a42905c5f58738469db12e1455952a538e725dafec7c0f0b7181fc86fa
ff992f86e73074f88c82d1efc285ec8d1c3189925541f23d94b6cb5420d63e5d
ffff815a7c15040eb4bacfc51a11ee41385971177592c7ac0459a0f8852f0658